From owner-freebsd-ipfw@FreeBSD.ORG Mon Jan 11 08:02:51 2010 Return-Path: Delivered-To: ipfw@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 6CFBC1065672 for ; Mon, 11 Jan 2010 08:02:51 +0000 (UTC) (envelope-from luigi@onelab2.iet.unipi.it) Received: from onelab2.iet.unipi.it (onelab2.iet.unipi.it [131.114.59.238]) by mx1.freebsd.org (Postfix) with ESMTP id 314838FC13 for ; Mon, 11 Jan 2010 08:02:50 +0000 (UTC) Received: by onelab2.iet.unipi.it (Postfix, from userid 275) id D9C17730A1; Mon, 11 Jan 2010 09:10:55 +0100 (CET) Date: Mon, 11 Jan 2010 09:10:55 +0100 From: Luigi Rizzo To: Julian Elischer Message-ID: <20100111081055.GA37788@onelab2.iet.unipi.it> References: <20091209183821.GA40814@onelab2.iet.unipi.it> <4B4AD98A.2080508@elischer.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <4B4AD98A.2080508@elischer.org> User-Agent: Mutt/1.4.2.3i Cc: Maxim Ignatenko , ipfw@freebsd.org Subject: Re: RFC: new ipfw options X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Jan 2010 08:02:51 -0000 On Sun, Jan 10, 2010 at 11:55:54PM -0800, Julian Elischer wrote: > Maxim Ignatenko wrote: > >2009/12/9 Luigi Rizzo : > >>3. a hash version of 'table's > >> > >> Right now ipfw tables are implented as routing tables, which is > >> great if you have to lookup a longest matching prefix, but a > >> bit overkill if you care only for ports or jail ids, and > >> totally uninteresting if you want to lookup flow ids, > >> or generic sequence of bytes. My plan here is to reuse the > >> ipfw hash tables to make them available for 'ipfw table ...' > >> commands. To avoid code and syntax bloat, I'd use the number > >> 0..TABLE_MAX-1 for the existing prefix tables, and > >> TABLE_MAX..2TABLE_MAX-1 for the new hash tables. > >> > >>comments welcome > >> > > > >I think better use another name ('htable' for example) instead of > >overloading the old one. > >And thanks for great ideas. > >_______________________________________________ > >freebsd-ipfw@freebsd.org mailing list > >http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw > >To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@freebsd.org" > > please keep teh current tables for IP addresses, longes prefix > matching is really hard to do right on other schemes with > the same behaviour. I know, I've tried :-) > > the answer id to have different types of tabels I guess, but don't > try combine when things should remain different. for the time being i am not touching tables -- for my immediate needs (matching ports and uid/jails) the radix tree is almost as good as hash tables, so i am using them (code is already in HEAD -- see the "lookup XXX" option). cheers luigi