From owner-freebsd-net Thu Jul 26 9:53:31 2001 Delivered-To: freebsd-net@freebsd.org Received: from mail.numachi.com (numachi.numachi.com [198.175.254.2]) by hub.freebsd.org (Postfix) with SMTP id 9DB0837B405 for ; Thu, 26 Jul 2001 09:53:25 -0700 (PDT) (envelope-from reichert@natto.numachi.com) Received: (qmail 27320 invoked by uid 3001); 26 Jul 2001 16:53:21 -0000 Received: from natto.numachi.com (198.175.254.216) by numachi.numachi.com with SMTP; 26 Jul 2001 16:53:21 -0000 Received: (qmail 79830 invoked by uid 1001); 26 Jul 2001 16:53:21 -0000 Date: Thu, 26 Jul 2001 12:53:21 -0400 From: Brian Reichert To: freebsd-net@freebsd.org Subject: filtering with netgraph? Message-ID: <20010726125321.D79454@numachi.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I need to put together a bridging packet filter. I've done so in the past with bridge(4) and ipfw(8), and am willing to do so again. However, there seems to be a great deal of interest nowadays in using netgraph(4). Two things I haven't yet been able to glean from the archives (yet, pointers appreciated): - Is it currently achieveable? I get the impression from "here are many node types yet to be written: An implementation of the Dynamic Packet Filter as a netgraph node. DPF is sort of a hyper-speed JIT compiling version of BPF." that such an ability is not quite in place yet. - Would a netgraph-based bridge be limited to the set of interfaces documented in bridge(4)? Just fishing for info... -- Brian 'you Bastard' Reichert 37 Crystal Ave. #303 Daytime number: (603) 434-6842 Derry NH 03038-1713 USA Intel architecture: the left-hand path To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message