Date: Wed, 22 Jun 2005 19:19:44 +0300 From: Ari Suutari <ari@suutari.iki.fi> To: Luigi Rizzo <rizzo@icir.org> Cc: freebsd-net@freebsd.org Subject: Re: Policy routing idea (Was: ipfw: Would it be possible to continue processing rest of rules after match ?) Message-ID: <42B98FA0.3030805@suutari.iki.fi> In-Reply-To: <20050622053307.B90964@xorpc.icir.org> References: <42B7B352.8040806@suutari.iki.fi> <20050621170649.B82876@xorpc.icir.org> <42B94023.3090202@suutari.iki.fi> <20050622053307.B90964@xorpc.icir.org>
next in thread | previous in thread | raw e-mail | index | archive | help
> yes i think you should reuse the tag, just add a new opcode so that
> the action is attach the mtag to the mbuf if not there yet
> (maybe override its content if you believe you could match multiple rules of
> this type) and then continue processing as in a 'count' action.
Differences to "ipfw fwd" seem to be minimal. Maybe a sysctl
which changes fwd rule behaviour so that it can either work
as before or similar to 'count' action would be better solution ?
This would be similar to net.inet.ip.fw.one_pass.
(I'm not very actively pushing to sysctl solution, I would
just like to find out best approach before starting actual
coding)
Ari S.
--
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.0.323 / Virus Database: 267.7.10/25 - Release Date: 21.6.2005
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?42B98FA0.3030805>