From owner-freebsd-net@FreeBSD.ORG  Tue Jun 21 06:27:44 2005
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
X-Original-To: freebsd-net@freebsd.org
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 1E90C16A41C
	for <freebsd-net@freebsd.org>; Tue, 21 Jun 2005 06:27:44 +0000 (GMT)
	(envelope-from ari@suutari.iki.fi)
Received: from espresso2.syncrontech.com (sync-old.syncrontech.com
	[213.28.98.35]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6DAE943D49
	for <freebsd-net@freebsd.org>; Tue, 21 Jun 2005 06:27:40 +0000 (GMT)
	(envelope-from ari@suutari.iki.fi)
Received: from guinness.syncrontech.com (guinness.syncrontech.com [62.71.8.57])
	by espresso2.syncrontech.com (8.12.11/8.12.11) with ESMTP id
	j5L6RcWb096221
	for <freebsd-net@freebsd.org>; Tue, 21 Jun 2005 09:27:38 +0300 (EEST)
	(envelope-from ari@suutari.iki.fi)
Received: from [62.71.8.37] (coffee.syncrontech.com [62.71.8.37])
	by guinness.syncrontech.com (8.12.11/8.12.11) with ESMTP id
	j5L6RWx5028588
	for <freebsd-net@freebsd.org>; Tue, 21 Jun 2005 09:27:33 +0300 (EEST)
	(envelope-from ari@suutari.iki.fi)
Message-ID: <42B7B352.8040806@suutari.iki.fi>
Date: Tue, 21 Jun 2005 09:27:30 +0300
From: Ari Suutari <ari@suutari.iki.fi>
User-Agent: Mozilla Thunderbird 1.0.2 (Windows/20050317)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: freebsd-net@freebsd.org
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Subject: Policy routing idea (Was: ipfw: Would  it be possible to continue
 processing rest of rules after match ?)
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 21 Jun 2005 06:27:44 -0000

Hi,

I sent this to ipfw mailing list some time ago, but
got no response. I would like to adjust ipfw behaviour
with fwd rules to make policy routing easier (ie. make
it separete from filtering rules). I would just like
some input if this makes any sense (or is possible at
all with current design).

 >Currently the ipfw fwd rules work so that the packet
 >is accepted when fwd rule matches.
 >
 >Would it be possible just tag the packet with
 >information about next_hop and just continue processing the
 >rules ? This would make complex rulesets with policy-based
 >routing much simpler, since one could just have relevat
 >fwd statments at beginning of rule sets and then
 >filter the packets in usual way.

	Ari S.