Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 15 Apr 2009 17:17:42 +0300
From:      KES <kes-kes@yandex.ru>
To:        freebsd-questions@freebsd.org
Subject:   IPFW: table approvement
Message-ID:  <1167150673.20090415171742@yandex.ru>
In-Reply-To: <444863973520529021572@ipd-office>
References:  <444863973520529021572@ipd-office>

next in thread | previous in thread | raw e-mail | index | archive | help
Hi.

Is it right place to post ideas?

If it is lets suggest next approvement

IPFW has 'table' command
each table entry has some 'tablearg'

There are situations when you need each entry has multiple values.
For example:


#NAT
table 1 add 10.0.1.0/24 1
table 1 add 10.0.2.0/24 2

#PIPE
table 2 add 10.0.1.0/24 3
table 2 add 10.0.2.0/24 4

#tag
table 3 add 10.0.1.0/24 7
table 4 add 10.0.2.0/24 9

ipfw add XXX tag  tablearg all from table(1) to any
ipfw add XXX nat  tablearg all from table(2) to any
ipfw add XXX pipe tablearg all from table(3) to any


I will be best if it can be optimized as next:
table 1 add 10.0.1.0/24 1 3 7
table 1 add 10.0.2.0/24 2 4 9

#user can name columns as:
table 1 columns nat pipe tag

#1. compatibility: first column can be used as usual
ipfw add XXX tag tablearg all from table(1) to any

#2. you may use value from second column of table entry as:
ipfw add XXX nat tablearg(2) all from table(1) to any

#3. you may use value by name
ipfw add XXX pipe tablearg(pipe) all from table(1) to any

#4. finally it will be good to apply multiple commands to one rule:
ipfw add XXX pipe tablearg(pipe) nat tablearg(2) tag tablearg all from table(1) to any

What do you think?

-- 
С уважением,
 KES                          mailto:kes-kes@yandex.ru




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1167150673.20090415171742>