From owner-freebsd-current  Tue May 19 08:21:33 1998
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id IAA05318
          for freebsd-current-outgoing; Tue, 19 May 1998 08:21:33 -0700 (PDT)
          (envelope-from owner-freebsd-current@FreeBSD.ORG)
Received: from ns1.yes.no (ns1.yes.no [195.119.24.10])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id IAA05311
          for <current@FreeBSD.ORG>; Tue, 19 May 1998 08:21:30 -0700 (PDT)
          (envelope-from eivind@bitbox.follo.net)
Received: from bitbox.follo.net (bitbox.follo.net [195.204.143.218])
	by ns1.yes.no (8.8.7/8.8.7) with ESMTP id PAA00565;
	Tue, 19 May 1998 15:21:28 GMT
Received: (from eivind@localhost)
	by bitbox.follo.net (8.8.8/8.8.6) id RAA28288;
	Tue, 19 May 1998 17:21:28 +0200 (MET DST)
Message-ID: <19980519172127.08361@follo.net>
Date: Tue, 19 May 1998 17:21:27 +0200
From: Eivind Eklund <eivind@yes.no>
To: Luigi Rizzo <luigi@labinfo.iet.unipi.it>, Kenjiro Cho <kjc@csl.sony.co.jp>
Cc: current@FreeBSD.ORG
Subject: Re: struct ifnet handling...
References: <199805191038.TAA25933@hotaka.csl.sony.co.jp> <199805191149.NAA09232@labinfo.iet.unipi.it>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 0.89.1i
In-Reply-To: <199805191149.NAA09232@labinfo.iet.unipi.it>; from Luigi Rizzo on Tue, May 19, 1998 at 01:49:16PM +0200
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Tue, May 19, 1998 at 01:49:16PM +0200, Luigi Rizzo wrote:
> > >> When this is done, matching interface names requires only a pointer
> > >> comparison (and furthermore, a NULL pointer can be used as an
> > >> indication that no interface match is required).
> > 
> > Use if_index instead of a pointer to the interface name.  if_index is
> > a unique interface number start from 1.  Many routing related programs
> 
> I also thought of the pointer to struct ifnet as a unique identifier,
> except that the current ipfw syntax allows wildcards to selects all
> interfaces of the same kind (e.g. all "tun", all "ed", etc.)
> 
> I don't think this makes much sense, but maybe someone depends on it.
> 
> In any case it is clear that if we want a fast firewall code,
> rules must be simplified. We now have CISC rules, should go for RISC
> ones :)

If you're interested in implementing fast firewall code, there are a
lot of changes that are more interesting than removing that strncmp().
One of them is getting rid of the dual pass through the firewall rules
- which you can do by switching to a chained system.

Eivind.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message