Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 17 Apr 2004 03:17:42 -0500
From:      Mark Nipper <nipsy@tamu.edu>
To:        Julian Elischer <julian@elischer.org>
Cc:        current@freebsd.org
Subject:   Re: RFC: ported NetBSD if_bridge
Message-ID:  <20040417081741.GA87909@ops.tamu.edu>
In-Reply-To: <Pine.BSF.4.21.0404170052480.66312-100000@InterJet.elischer.org>
References:  <20040417074543.GB77469@ops.tamu.edu> <Pine.BSF.4.21.0404170052480.66312-100000@InterJet.elischer.org>

next in thread | previous in thread | raw e-mail | index | archive | help
On 17 Apr 2004, Julian Elischer wrote:
> that means I need an ng_ether node, an ng_etf, a ng_bridge, an
> ng_ksocket and an ng_socket..
> plug plug plug... done...
> and if there isn't a node to do what you want..
> 
> cd /sys/netgraph
> cp ng_sample.c ng_mytype.c
> vi mytype.c
> [hack hack]
> 
> submit back to tree....

	I absolutely agree with everything else you said except
this.  :)  I think it is a little presumptuous to tell every user
to sit down and knock out their own module if an ng module does
not already exist for what they are trying to do.  Sure, ng_bpf
exists, but does it do what say Snort does without additional
programming (yes, I know, bad example!).  Hence the problem with
a lot of ng related tasks; coding is never too far from the realm
of possibility.

	Which, incidentally, was why I chose OpenBSD over FreeBSD
for the Snort box/firewall I was working on.  The bridge
manipulations made perfect sense the first time I looked at them
and PF did everything it could normally do (including the
redirects to localhost), even over a bridged interface.  I even
ended up in a debate with a die hard FreeBSD'er who was mumbling
about whipping up some code to provide similar functionality with
ng.  And I was like great, then go code it!  I'll just start
implementing this other solution now which already works and
required no coding on my part, which admittedly, is not my strong
suit.  Needless to say, I was finished first.

	Blah.  umount soapbox.  I hate to waste the devlopers'
time with silly e-mail too!  :)

-- 
Mark Nipper                                                e-contacts:
Computing and Information Services                      nipsy@tamu.edu
Texas A&M University                        http://ops.tamu.edu/nipsy/
College Station, TX 77843-3142     AIM/Yahoo: texasnipsy ICQ: 66971617
(979)575-3193                                      MSN: nipsy@tamu.edu

-----BEGIN GEEK CODE BLOCK-----
GG/IT d- s++:+ a- C++$ UBL+++$ P--->+++ L+++$ E---
W++ N+ o K++ w(---) O++ M V(--) PS+++(+) PE(--) Y+
PGP++(+) t 5 X R tv b+++ DI+(++) D+ G e h r++ y+(**)
------END GEEK CODE BLOCK------

---begin random quote of the moment---
When I die, I want to peacefully die in my sleep, like my
grandfather did, not screaming like the passengers in his car
did!
----end random quote of the moment----



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040417081741.GA87909>