Date: Tue, 21 Jun 2005 09:27:30 +0300 From: Ari Suutari <ari@suutari.iki.fi> To: freebsd-net@freebsd.org Subject: Policy routing idea (Was: ipfw: Would it be possible to continue processing rest of rules after match ?) Message-ID: <42B7B352.8040806@suutari.iki.fi>
next in thread | raw e-mail | index | archive | help
Hi, I sent this to ipfw mailing list some time ago, but got no response. I would like to adjust ipfw behaviour with fwd rules to make policy routing easier (ie. make it separete from filtering rules). I would just like some input if this makes any sense (or is possible at all with current design). >Currently the ipfw fwd rules work so that the packet >is accepted when fwd rule matches. > >Would it be possible just tag the packet with >information about next_hop and just continue processing the >rules ? This would make complex rulesets with policy-based >routing much simpler, since one could just have relevat >fwd statments at beginning of rule sets and then >filter the packets in usual way. Ari S.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?42B7B352.8040806>