From owner-freebsd-net@FreeBSD.ORG Mon Apr 19 11:57:26 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2652516A4CE; Mon, 19 Apr 2004 11:57:26 -0700 (PDT) Received: from sccrmhc13.comcast.net (sccrmhc13.comcast.net [204.127.202.64]) by mx1.FreeBSD.org (Postfix) with ESMTP id AB39E43D46; Mon, 19 Apr 2004 11:57:23 -0700 (PDT) (envelope-from julian@elischer.org) Received: from interjet.elischer.org ([24.7.73.28]) by comcast.net (sccrmhc13) with ESMTP id <20040419185722016003q2sfe>; Mon, 19 Apr 2004 18:57:22 +0000 Received: from localhost (localhost.elischer.org [127.0.0.1]) by InterJet.elischer.org (8.9.1a/8.9.1) with ESMTP id LAA03944; Mon, 19 Apr 2004 11:57:20 -0700 (PDT) Date: Mon, 19 Apr 2004 11:57:19 -0700 (PDT) From: Julian Elischer To: Ruslan Ermilov In-Reply-To: <20040419081225.GG39799@ip.net.ua> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: Daniel O'Connor cc: freebsd-net@freebsd.org Subject: Re: Netgraph and non-ethernet nodes? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 Apr 2004 18:57:26 -0000 On Mon, 19 Apr 2004, Ruslan Ermilov wrote: > On Mon, Apr 19, 2004 at 01:02:31AM -0700, Julian Elischer wrote: > > > > > > On Mon, 19 Apr 2004, Daniel O'Connor wrote: > > > > > On Mon, 19 Apr 2004 13:09, Brooks Davis wrote: > > > > On Mon, Apr 19, 2004 at 12:56:24PM +0930, Daniel O'Connor wrote: > > > > > The recent emails about the bridge code from NetBSD made me interested in > > > > > using netgraph to run snort on the combined traffic rather than having to > > > > > run 2 copies (since we tunnel our class C using gif over IP over > > > > > ethernet), however I can't see how to hook netgraph into a non-ethernet > > > > > node :( > > > > > > > > > > Does anyone know if/how you can do it? (Specifically for gif) > > > > > > > > How about nf_gif(4)? > > > > > > Hmm, I see the man page, but no module.. Ahh, it doesn't appear to be built by > > > default.. > > > > > > And it's not on my -stable box, guess I should do a manual merge :) > > > > > > > there are some basic differences between netgraph nodes in -current and > > in 4.x > > check out the differences in a few nodes (e.g. ng_sample.c) > > > > to see what they are. > > > > in particular... in 4.x and earlier, the mbuf and metadaa are handled > > separatly as arguments to things but in 5.x > > they are both held in (well a pointer is in..) a struct item. > > > > which is passed around... the item structure needs to be freed if you > > destroy it and there are macros to extract the mbuf and metadata > > from the item. This is because in 5.x we often need to queue teh packet > > including metadata and the 'item' is what is queued. > > > While we're on this topic, I wonder if you have plans to get rid > of non-funcional diffs for ng_sample.[ch] between RELENG_4 and > HEAD? If not, I could do it, and send you a patch (for RELENG_4) > for review. let me see what you propose. > > > Cheers, > -- > Ruslan Ermilov > ru@FreeBSD.org > FreeBSD committer >