From owner-freebsd-pf@FreeBSD.ORG Mon Aug 22 02:45:43 2011 Return-Path: Delivered-To: freebsd-pf@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C5849106566B; Mon, 22 Aug 2011 02:45:43 +0000 (UTC) (envelope-from peter.jeremy@alcatel-lucent.com) Received: from ihemail2.lucent.com (ihemail2.lucent.com [135.245.0.35]) by mx1.freebsd.org (Postfix) with ESMTP id 846568FC1E; Mon, 22 Aug 2011 02:45:43 +0000 (UTC) Received: from usnavsmail4.ndc.alcatel-lucent.com (usnavsmail4.ndc.alcatel-lucent.com [135.3.39.12]) by ihemail2.lucent.com (8.13.8/IER-o) with ESMTP id p7M2VK2B007473 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Sun, 21 Aug 2011 21:31:20 -0500 (CDT) Received: from unixmail.au.alcatel-lucent.com (unixmail.au.alcatel-lucent.com [139.188.42.130]) by usnavsmail4.ndc.alcatel-lucent.com (8.14.3/8.14.3/GMO) with ESMTP id p7M2VGad030266 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Sun, 21 Aug 2011 21:31:19 -0500 Received: from insmb.au.alcatel-lucent.com (insmb.au.alcatel-lucent.com [139.188.42.184]) by unixmail.au.alcatel-lucent.com (8.13.8+Sun/8.13.3) with ESMTP id p7M2VFxm005629; Mon, 22 Aug 2011 12:31:15 +1000 (EST) Received: from pjdesk.au.alcatel-lucent.com (pjdesk.au.alcatel-lucent.com [139.188.2.2]) by insmb.au.alcatel-lucent.com (8.13.8+Sun/8.13.8) with ESMTP id p7M2NiSa011209; Mon, 22 Aug 2011 12:23:45 +1000 (EST) X-Bogosity: Ham, spamicity=0.000000 Received: from pjdesk.au.alcatel-lucent.com (localhost [127.0.0.1]) by pjdesk.au.alcatel-lucent.com (8.14.4/8.14.4) with ESMTP id p7M2NbcK027803; Mon, 22 Aug 2011 12:23:37 +1000 (EST) (envelope-from peter.jeremy@alcatel-lucent.com) Received: (from pjeremy@localhost) by pjdesk.au.alcatel-lucent.com (8.14.4/8.14.4/Submit) id p7M2NaIX027802; Mon, 22 Aug 2011 12:23:36 +1000 (EST) (envelope-from peter.jeremy@alcatel-lucent.com) Date: Mon, 22 Aug 2011 12:23:36 +1000 From: Peter Jeremy To: Ermal =?iso-8859-1?Q?Lu=E7i?= Message-ID: <20110822022336.GL6142@pjdesk.au.alcatel-lucent.com> References: <200710171043.08126.max@love2party.net> <9a542da30710211232v4d3c930fg8ea778a12f3f16cb@mail.gmail.com> <9a542da30710280617t11e668e2o4d122998192f71c@mail.gmail.com> <20081103060321.GA45414@server.vk2pj.dyndns.org> <9a542da30811040753m1a2728bcu365c65da8fb61721@mail.gmail.com> <20110629044233.GB65891@pjdesk.au.alcatel-lucent.com> <20110713010029.GE65891@pjdesk.au.alcatel-lucent.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="C94crkcyjafcjHxo" Content-Disposition: inline In-Reply-To: X-PGP-Key: http://members.optusnet.com.au/peterjeremy/pubkey.asc User-Agent: Mutt/1.5.21 (2010-09-15) X-Scanned-By: MIMEDefang 2.57 on 135.245.2.35 X-Scanned-By: MIMEDefang 2.64 on 135.3.39.12 Cc: "freebsd-pf@freebsd.org" Subject: Re: [PATCH] PF+dummynet X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 22 Aug 2011 02:45:43 -0000 --C94crkcyjafcjHxo Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable [This is fairly old but has recently bubbled to the top of my TODO list] On 2011-Jul-13 23:35:44 +0800, Ermal Lu=E7i wrote: >I reverted back from having the pipes configured in pfctl because it >will be a catching game with ipfw. >To me it seems quite awkward that you cannot use ipfw to do all the >configuration and >just use the pipe/queue numbers for sending traffic to it on pfctl. Whereas, to me it seems awkward that you use pfctl to attach dummynet flows to pf rules but you can't use pfctl to manage the dmmmynet configuration. I have managed to integrate ipfw/dummynet.c into pfctl and it all seems to work for me - except that flows are not persistent so that my statistics doesn't work. I am still working through to see if this is something I broke or a new "feature". I hope to forward patches once I'm happy with it. >To me something that is glued on ipfw should stay there as it will get >the best support. >Possibly splitting dummynet configuration out to dnctl might have an argum= ent. IMHO, it would be a great improvement to separate dummynet from ipfw. --=20 Peter Jeremy --C94crkcyjafcjHxo Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.17 (FreeBSD) iEYEARECAAYFAk5RvagACgkQ/opHv/APuIc3GwCgwDS7CRao/YXjtg9zZuYUAF6O DXgAoJzwheIJhY5g630tg1Ed1jrPiZGY =qGwM -----END PGP SIGNATURE----- --C94crkcyjafcjHxo--