From owner-freebsd-ipfw@FreeBSD.ORG  Fri Aug 25 13:27:21 2006
Return-Path: <owner-freebsd-ipfw@FreeBSD.ORG>
X-Original-To: freebsd-ipfw@freebsd.org
Delivered-To: freebsd-ipfw@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id A3AD916A4DA
	for <freebsd-ipfw@freebsd.org>; Fri, 25 Aug 2006 13:27:21 +0000 (UTC)
	(envelope-from if@hetzner.co.za)
Received: from hetzner.co.za (office.cpt2.your-server.co.za [196.7.147.230])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 1067D43D60
	for <freebsd-ipfw@freebsd.org>; Fri, 25 Aug 2006 13:27:20 +0000 (GMT)
	(envelope-from if@hetzner.co.za)
Received: from localhost ([127.0.0.1] helo=ian.hetzner.africa)
	by hetzner.co.za with esmtp (Exim 4.62 (FreeBSD))
	(envelope-from <if@hetzner.co.za>)
	id 1GGbiP-000DFG-1B; Fri, 25 Aug 2006 15:27:17 +0200
To: Luigi Rizzo <rizzo@icir.org>
From: Ian FREISLICH <if@hetzner.co.za>
In-Reply-To: Message from Luigi Rizzo <rizzo@icir.org> of "Fri,
	25 Aug 2006 04:52:07 MST." <20060825045207.A4746@xorpc.icir.org> 
X-Attribution: BOFH
Date: Fri, 25 Aug 2006 15:27:17 +0200
Message-Id: <E1GGbiP-000DFG-1B@hetzner.co.za>
Cc: freebsd-ipfw@freebsd.org
Subject: Re: ipfw performance and random musings. 
X-BeenThere: freebsd-ipfw@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: IPFW Technical Discussions <freebsd-ipfw.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
	<mailto:freebsd-ipfw-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ipfw>
List-Post: <mailto:freebsd-ipfw@freebsd.org>
List-Help: <mailto:freebsd-ipfw-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
	<mailto:freebsd-ipfw-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 25 Aug 2006 13:27:21 -0000

Luigi Rizzo wrote:
> i am basically ok with this except, as i said, that there is
> no point in replicating the interface name i.e. why re0-re5
> instead of just re0-5 ? you just open up to possible mistakes
> and the need for extra code to check what happens when the user
> types re2-de5 (by mistake or intentionally).

Ok, it's just syntactic sugar anyway which doesn't really affect
implimentation anyway.

So, to recap.  You will be fine with although I'm now leaning toward
"factor" in stead of "delta" but that will be a trivial change and
I'd like to change "@" to "indirect".

skipto @ via vlan2-264 base 100 delta 100

or as I'd prefer

skipto indirect via vlan2-264 base 100 factor 100

Only thing is that this slightly complicates displaying the rules
since the indirection is stored in the ipfw_insn_if structure so
at this time it's not known whether this is an indirection or not.

        /*
         * first print actions
         */
        for (l = rule->cmd_len - rule->act_ofs, cmd = ACTION_PTR(rule);
                        l > 0 ; l -= F_LEN(cmd), cmd += F_LEN(cmd)) {
                switch(cmd->opcode) {
...
                case O_SKIPTO:
                        PRINT_UINT_ARG("skipto ", cmd->arg1);
                        break;

I guess cmd->arg1 == 0 could be abused to flag this state.  Are you
happy with that?

Ian

--
Ian Freislich