Date: Tue, 23 Oct 2012 21:31:18 +0200 From: Andre Oppermann <andre@freebsd.org> To: Andre Oppermann <andre@FreeBSD.org> Cc: src-committers@freebsd.org, svn-src-user@freebsd.org Subject: Re: svn commit: r241966 - user/andre/tcp_workqueue/sys/net Message-ID: <5086F086.6080000@freebsd.org> In-Reply-To: <201210231926.q9NJQnqu039908@svn.freebsd.org> References: <201210231926.q9NJQnqu039908@svn.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 23.10.2012 21:26, Andre Oppermann wrote: > Author: andre > Date: Tue Oct 23 19:26:49 2012 > New Revision: 241966 > URL: http://svn.freebsd.org/changeset/base/241966 > > Log: > Extend PFIL hooks with explicit hook ordering and reinjecting of > packets into the chain after a particular hook. > > Add pfil_add_hook_order() taking a numerical value between 0-255 > to specify the relative position of this hook in the list of all > hooks. Lower numbers have higher ordering (ie. will run first). > Within a particular order value the last added will be the first > to run. Three fixed positions are defined: > PFIL_ORDER_FIRST 0 > PFIL_ORDER_DEFAULT 200 > PFIL_ORDER_LAST 255 > > Previously the order was non-deterministic and dependent on the > ordering of the add hook calls. The last added would always > become the first to run. > > Non-ordering aware pfil consumers using the pfil_add_hook() call > get PFIL_ORDER_DEFAULT assigned resulting in the previous ordering. > > The ordering is determined at hookup time by the pfil consumer > and no tool for later manual re-ordering is provided. Most well > known pfil consumers are expected to have a predetermined preferred > position in the order. A tool or sysctl reporting the order of > hooked pfil consumers will be provided later. > > Add pfil_run_inject() taking an opaque cookie value obtained with > pfil_get_cookie() after the hook is added. Processing of the hook > chain skips all hooks until after the one with the same cookie. > The cookie is valid as long as this hook remains hooked. If no > cookie is found processing is started with the first hook again. > If the cookie is invalid processing of all hooks is effectively > skipped. > > With this pfil hooks consumers can dequeue packets for further > processing and later re-inject them with the next hook. Besides the obvious ordering solution to the exiting pfil consumers my idea is to explore converting most of ether_input/output and IPsec processing to pfil hooks. This will need some further definitions for the default PFIL_ORDER points but that'll happen when there's some practical experimenting with running it. -- Andre
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5086F086.6080000>