Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 25 Sep 2006 13:57:26 +0400
From:      Roman Bogorodskiy <novel@FreeBSD.org>
To:        "Andrey V. Elsukov" <bu7cher@yandex.ru>
Cc:        freebsd-ipfw@FreeBSD.org, Gleb Smirnoff <glebius@FreeBSD.org>, Oleg Bulyzhin <oleg@FreeBSD.org>, Luigi Rizzo <rizzo@icir.org>
Subject:   Re: kern/103454: [ipfw] [patch] add a facility to modify DF bit of the IP packet
Message-ID:  <20060925095726.GC99061@novel.fannet.ru>
In-Reply-To: <4513641C.3010002@yandex.ru>
References:  <200609211400.k8LE0uMN075069@freefall.freebsd.org> <4513641C.3010002@yandex.ru>
index | next in thread | previous in thread | raw e-mail 

[-- Attachment #1 --]
  Andrey V. Elsukov wrote:

> Roman Bogorodskiy wrote:
> > +.It Cm setdf Ar value
> > +Changes
> > +.Cm DF
> > +bit of the IP packet.
> > +Value may be 0 (May Fragment) or 1 (Don't Fragment).
> 
> May be, it would be more handy make this feature via modifier
> (not an action).
> Rule format:
>  <action> [setdf|resetdf] <rule body>
> 
> Or more extensible, use not only DF modification:
>  <action> [{modip [DF|TOS|DSCP|TTL]}] <rule body>

Yeah, that's nice idea. However, I have already working DF bit stuff and
tos/dscp stuff as well (kern/102471) implemented in another way. And
since committers don't seem to show intested in these
patches/functionaliy, I'm not quite sure if I need to waste time on
re-implementing it because it would be pretty useless if these patches
would hang in GNATS forever.

> I think this is easy to pack any of an instructions into one
> ipfw_insn_xx structure.
> 
> > +			case O_SET_IPDF:
> > +				switch (cmd->arg1) {
> > +					case 0:
> > +						ip->ip_off &=3D ~IP_DF;
> > +						break;
> > +					case 1:
> > +						ip->ip_off |=3D IP_DF;
> > +						break;
> > +					default:
> > +						goto next_rule;
> > +						/* NOTREACHED */
> 
> We can check cmd->arg1 for correct values in the ipfw_chk
> function.

Hm, sorry... could you clearify it to me please?

[-- Attachment #2 --]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (FreeBSD)

iQCVAwUBRReoBoB0WzgdqspGAQJtrgQAkTNQq4uLFhc2qAkhyswkSvmOCquuJ4lO
4AVZzz0Dj8IXgcs7vdkWdWjhv3SL7AuxTpSnPoh02a/MuWyeQBEhFks0UdCcBASu
qxZmaCfqiELCeckNHuajbe8SR+q1GpK6errpeVAzT7MSpziZzQdD5AjTABHG4Dqq
59j13KVIZHE=
=Erke
-----END PGP SIGNATURE-----
help

Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060925095726.GC99061>