From owner-freebsd-net@FreeBSD.ORG Tue Jun 28 10:27:18 2005 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C579416A41C for ; Tue, 28 Jun 2005 10:27:18 +0000 (GMT) (envelope-from tataz@tataz.chchile.org) Received: from postfix4-1.free.fr (postfix4-1.free.fr [213.228.0.62]) by mx1.FreeBSD.org (Postfix) with ESMTP id 89AF643D53 for ; Tue, 28 Jun 2005 10:27:18 +0000 (GMT) (envelope-from tataz@tataz.chchile.org) Received: from tatooine.tataz.chchile.org (vol75-8-82-233-239-98.fbx.proxad.net [82.233.239.98]) by postfix4-1.free.fr (Postfix) with ESMTP id 53136318087; Tue, 28 Jun 2005 12:27:16 +0200 (CEST) Received: by tatooine.tataz.chchile.org (Postfix, from userid 1000) id 7B773405B; Tue, 28 Jun 2005 12:27:29 +0200 (CEST) Date: Tue, 28 Jun 2005 12:27:28 +0200 From: Jeremie Le Hen To: Max Laier Message-ID: <20050628102728.GZ1283@obiwan.tataz.chchile.org> References: <42C0DB3B.6000606@elischer.org> <20050628074640.GY1283@obiwan.tataz.chchile.org> <200506281139.17582.net@dino.sk> <200506281147.13299.max@love2party.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <200506281147.13299.max@love2party.net> User-Agent: Mutt/1.5.9i Cc: freebsd-net@freebsd.org, Milan Obuch , Julian Elischer Subject: Re: Julian's netowrking challenge 2005 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 28 Jun 2005 10:27:18 -0000 > Wouldn't a more general approach be better. e.g. a way to "tag" a packet > before it is sent to divert and a matching tag-lookup that can do further > action. This would make it very easy to do all kinds of stuff that needs to > know the original address instead of the translated one while avoiding code > duplication. Having the possibility to tag a packet would be worth indeed. But I think that Milan wants to bring network stack virtualization in newer release of FreeBSD IIUC. This would be, IMO, a great improvement of FreeBSD networking, although I'm pretty sure this would make Netgraph people react a bit ;-). > pf does something along these lines in case you are looking for references. Would it be possible to share this tag among pf and ipfw ? Regards, -- Jeremie Le Hen < jeremie at le-hen dot org >< ttz at chchile dot org >