From owner-freebsd-ipfw Wed Nov 24 14:43:43 1999 Delivered-To: freebsd-ipfw@freebsd.org Received: from chai.torrentnet.com (chai.torrentnet.com [198.78.51.73]) by hub.freebsd.org (Postfix) with ESMTP id 2EB5F14BDA; Wed, 24 Nov 1999 14:43:38 -0800 (PST) (envelope-from bakul@torrentnet.com) Received: from chai.torrentnet.com (localhost [127.0.0.1]) by chai.torrentnet.com (8.8.8/8.8.5) with ESMTP id RAA13782; Wed, 24 Nov 1999 17:42:38 -0500 (EST) Message-Id: <199911242242.RAA13782@chai.torrentnet.com> To: "Louis A. Mamakos" Cc: "Rodney W. Grimes" , ahl@austclear.com.au (Tony Landells), ipfw@FreeBSD.ORG, arch@FreeBSD.ORG Subject: Re: new IPFW In-reply-to: Your message of "Wed, 24 Nov 1999 17:31:30 EST." <199911242231.RAA21036@whizzo.transsys.com> Date: Wed, 24 Nov 1999 17:42:38 -0500 From: Bakul Shah Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > It worked quite well. The one extension which would be valuable is more > an extension of the BPF expression compiler rather than the engine itself; > if would be valuable to be able to return a value from the BPF-engine > program so that it could be acted on. The engine itself has this capability, > but the existing tcpdump intended expression compiler doesn't currently > have syntax to support it. What would be neat is an extensible filter language that maps symbolic names to a filter expression on packet fields as well as a printer language that allows specifying how things get printed. Right now you have to extend tcpdump's print routines for the latter. Also, there is no good reason why the print routines shouldn't be in a library like libpcap so that tcpdump is just a main program relying almost completely on a library. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message