From owner-freebsd-net@FreeBSD.ORG  Sat May 13 09:38:01 2006
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
X-Original-To: freebsd-net@freebsd.org
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 87F9016A400;
	Sat, 13 May 2006 09:38:01 +0000 (UTC)
	(envelope-from julian@elischer.org)
Received: from a50.ironport.com (a50.ironport.com [63.251.108.112])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 488CA43D48;
	Sat, 13 May 2006 09:38:01 +0000 (GMT)
	(envelope-from julian@elischer.org)
Received: from unknown (HELO [192.168.2.2]) ([10.251.60.46])
	by a50.ironport.com with ESMTP; 13 May 2006 02:38:01 -0700
Message-ID: <4465A8F8.2020601@elischer.org>
Date: Sat, 13 May 2006 02:38:00 -0700
From: Julian Elischer <julian@elischer.org>
User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US;
	rv:1.7.13) Gecko/20060414
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: Vadim Goncharov <vadimnuclight@tpu.ru>
References: <ops9fwnzbw17d6mn@nuclight.avtf.net>	<44648E66.6010800@freebsdbrasil.com.br>	<20060512065327.B16302@xorpc.icir.org>	<ops9f3lwis4fjv08@nuclight.avtf.net>	<20060512085631.A19484@xorpc.icir.org>
	<ops9hgqpmr4fjv08@nuclight.avtf.net>
In-Reply-To: <ops9hgqpmr4fjv08@nuclight.avtf.net>
Content-Type: text/plain; charset=KOI8-R; format=flowed
Content-Transfer-Encoding: 7bit
Cc: Luigi Rizzo <rizzo@icir.org>, freebsd-ipfw@freebsd.org,
	freebsd-net@freebsd.org
Subject: Re: [patch] ipfw packet tagging
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 13 May 2006 09:38:01 -0000

Vadim Goncharov wrote:

> 12.05.06 22:56 Luigi Rizzo wrote:
>
>>> A question about features: is it worth adding functionality of matching
>>> range of tags? For example:
>>>
>>> ipfw add pass ip from any to any tagged 1-5,10,20
>>
>>
>> i think it is a useful feature, and if you reuse the existing code
>> for matching port ranges etc to implement it, performance should
>> be reasonably good.
>
>
> OK, Andrey made new version of patches available:
> http://butcher.heavennet.ru/patches/kernel/ipfw_tags/
>
> Manpage patch is integrated as well as new untag/tagged range  
> functionality,
> based on existing port ranges matching code. Short test shown that it  
> works.


I might suggest that the new 'tablearg' keyword be useable in a tag
command allowing a table to contain entries that give different tags.
(I don't think it is in 5 but it may be in 6.. (not sure))

would be cool however.