Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 5 Jan 2010 19:26:43 +0100
From:      Luigi Rizzo <rizzo@iet.unipi.it>
To:        Ermal Lu?i <eri@freebsd.org>
Cc:        Luigi Rizzo <luigi@freebsd.org>, src-committers@freebsd.org, svn-src-user@freebsd.org
Subject:   Re: svn commit: r201517 - in user/luigi/ipfw3-head/sys/netinet: . ipfw
Message-ID:  <20100105182643.GA93051@onelab2.iet.unipi.it>
In-Reply-To: <9a542da31001051006r61af058eg715c29ef0d3d2020@mail.gmail.com>
References:  <201001041658.o04GwFfG023749@svn.freebsd.org> <9a542da31001051006r61af058eg715c29ef0d3d2020@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Tue, Jan 05, 2010 at 07:06:51PM +0100, Ermal Lu?i wrote:
> On Mon, Jan 4, 2010 at 5:58 PM, Luigi Rizzo <luigi@freebsd.org> wrote:
> 
> > Author: luigi
> > Date: Mon Jan  4 16:58:15 2010
> > New Revision: 201517
> > URL: http://svn.freebsd.org/changeset/base/201517
> >
> > Log:
> >  divert has no specific API so we don't really need an ip_divert.h
> >
> >
> >  DECLARE_MODULE(ipdivert, ipdivertmod, SI_SUB_PROTO_IFATTACHDOMAIN,
> > SI_ORDER_ANY);
> > -MODULE_DEPEND(dummynet, ipfw, 2, 2, 2);
> > +MODULE_DEPEND(ipdivert, ipfw, 2, 2, 2);
> >  MODULE_VERSION(ipdivert, 1);
> >
> 
> I would suggest to remove the dependency altogether  since divert(4) does
> not really depend on ipfw(4). Furthermore, the newest pf(4) can work
> together with divert(4) so the it will have more than one consumer in the
> tree.

I was not aware of pf support -- in fact, i wonder how divert could work
without ipfw because the function pointer ip_divert_ptr at the moment
is defined in ip_fw_pfil.c .

There are in fact, I believe, two things that enforce the dependency:
1. the ip_divert_ptr above. We should move it elsewhere, in the
  standard ip_* files;

2. the tag that is attached to the packet to record the reinject cookie
  (I have recently redefined it as MTAG_IPFW_RULE because i was
  not aware of the pf(4) support -- i need to revert/fix this if
  we want divert and pf cooperation (though note that I tried to
  have the same mtag format for all reinjected packets -- dummynet,
  divert, netgraph, ... so once we fix it for one application it
  should work for all with no special code).

cheers
luigi

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20100105182643.GA93051>