From owner-freebsd-hackers Thu Apr 23 06:36:05 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id GAA00172 for freebsd-hackers-outgoing; Thu, 23 Apr 1998 06:36:05 -0700 (PDT) (envelope-from owner-freebsd-hackers@FreeBSD.ORG) Received: from ns1.yes.no (ns1.yes.no [195.119.24.10]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id GAA00138 for ; Thu, 23 Apr 1998 06:35:47 -0700 (PDT) (envelope-from eivind@bitbox.follo.net) Received: from bitbox.follo.net (bitbox.follo.net [194.198.43.36]) by ns1.yes.no (8.8.7/8.8.7) with ESMTP id NAA00597; Thu, 23 Apr 1998 13:35:44 GMT Received: (from eivind@localhost) by bitbox.follo.net (8.8.8/8.8.6) id PAA03213; Thu, 23 Apr 1998 15:35:43 +0200 (MET DST) Message-ID: <9804231217.AA01806@avalon.reed.wattle.id.au.> Date: Thu, 23 Apr 1998 15:35:43 +0200 From: Darren Reed To: Eivind Eklund Cc: hackers@FreeBSD.ORG Subject: Re: changing ipfw interface (was Re: cvs commit: src/sys/netinet ip_fw.c) Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.89.1i In-Reply-To: <19980423135332.35381@follo.net> from "Eivind Eklund" at Apr 23, 98 01:53:32 pm X-Mailer: ELM [version 2.4 PL23] Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG In some email I received from Eivind Eklund, sie wrote: [...] > Well, what do you think? To me, it seems that it is effectively duplicating the BPF code, plus you'd have a much more flexible solution with BPF and less "extra code" in the kernel. Of course, maybe you don't want to write an ipfw rule -> BPF converter :) Plus, it only solves half of the problem - structure size changing but not capabilities. If you ever remove a capability, the filter rules could be screwed. Darren To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message