Date: Fri, 25 Mar 2011 22:30:14 GMT From: =?UTF-8?Q?Marcin_Wi=C5=9Bnicki?= <mwisnicki@gmail.com> To: freebsd-pf@FreeBSD.org Subject: Re: kern/148260: [pf] [patch] pf rdr incompatible with dummynet Message-ID: <201103252230.p2PMUEJM006105@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR kern/148260; it has been noted by GNATS. From: =?UTF-8?Q?Marcin_Wi=C5=9Bnicki?= <mwisnicki@gmail.com> To: bug-followup <bug-followup@FreeBSD.org>, adg <adg@a-real.ru> Cc: Subject: Re: kern/148260: [pf] [patch] pf rdr incompatible with dummynet Date: Fri, 25 Mar 2011 22:52:22 +0100 How about a more generic solution: Add new mbuf tag PACKET_TAG_PFIL_RESUME_FROM that contains address of a function registered with pfil_add_hook (ipfw_check_hook in this case) and modify pfil_run_hooks() to skip all hooks until that one (if such tag is present). Before reinjecting packet into ip_output by dummynet, prepend this m_tag to mbuf (also strip that tag if it ever comes back?). I don't know if mbuf api allows it but such tag could theoretically have just one instance (created on dummynet module load) to avoid allocation costs. This way you don't have to put ugly workaround in every pfil consumer.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201103252230.p2PMUEJM006105>