Date: Tue, 28 Apr 1998 10:33:38 +0100 From: Chrisy Luke <chrisy@flix.net> To: David Muir Sharnoff <muir@idiom.com> Cc: freebsd-hackers@FreeBSD.ORG Subject: Re: Routing problem that I need solved. Message-ID: <19980428103338.19612@flix.net> In-Reply-To: <199804280755.AAA11300@idiom.com>; from David Muir Sharnoff on Tue, Apr 28, 1998 at 12:55:47AM -0700 References: <199804280755.AAA11300@idiom.com>
next in thread | previous in thread | raw e-mail | index | archive | help
David Muir Sharnoff wrote (on Apr 28): > ipfw add 140 pass through 140.174.37.21 all from 140.174.82/24 to any > ipfw add 150 pass through 209.66.121.1 all from 209.66.121/24 to any > > The semantics of "pass through" are that the next hop for the packet > will be chosen as if it were bound for the address given. The same rule > can be deployed throughout my network. I see what you're trying to achieve. It should be simple to do - though there will be a penalty hit (although small on a router with only a few routes) since it will already have scanned the routing tree for a next hop based on destination. But that's swings-n-roundabouts. First of all you'd need to pass a pointer to "dst" from netinet/ip_output.c::ip_output() in the calls to ip_fw_chk(). Then you would need a bit of code in netinet/ip_fw.c::ip_fw_chk() in the switch (f->fw_flg & IP_FW_F_COMMAND) when it matches a rule to modifiy the newly passwd "dst" variable. This doesn't require anything like a new checksum because it's not stored in the packet. The kernel then goes and arpresolves "dst" for forwarding to a MAC address. This would achieve it precisely, with the extra logic to get the rule into the table in the first place, of course. I was planning on doing something very similar anyway - this is basically a "forward on FW rule" engine, so you could forward to addresses based on TCP port, etc. Except I was going to do a multipath one, of course. :-) Since there's interest, I'll have a go at it today... Chris. -- == chris@easynet.net, chrisy@flix.net, chrisy@flirble.org. == Head of Systems for Easynet Group PLC. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19980428103338.19612>