From owner-freebsd-ipfw@FreeBSD.ORG  Thu Mar 11 17:56:59 2010
Return-Path: <owner-freebsd-ipfw@FreeBSD.ORG>
Delivered-To: freebsd-ipfw@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 1BC9710657CC
	for <freebsd-ipfw@freebsd.org>; Thu, 11 Mar 2010 17:56:59 +0000 (UTC)
	(envelope-from julian@elischer.org)
Received: from out-0.mx.aerioconnect.net (out-0-30.mx.aerioconnect.net
	[216.240.47.90])
	by mx1.freebsd.org (Postfix) with ESMTP id F286B8FC1D
	for <freebsd-ipfw@freebsd.org>; Thu, 11 Mar 2010 17:56:58 +0000 (UTC)
Received: from idiom.com (postfix@mx0.idiom.com [216.240.32.160])
	by out-0.mx.aerioconnect.net (8.13.8/8.13.8) with ESMTP id
	o2BHuv2q002022; Thu, 11 Mar 2010 09:56:57 -0800
X-Client-Authorized: MaGic Cook1e
X-Client-Authorized: MaGic Cook1e
Received: from julian-mac.elischer.org
	(h-67-100-89-137.snfccasy.static.covad.net [67.100.89.137])
	by idiom.com (Postfix) with ESMTP id 7B3DB2D601B;
	Thu, 11 Mar 2010 09:56:57 -0800 (PST)
Message-ID: <4B992EE8.30309@elischer.org>
Date: Thu, 11 Mar 2010 09:56:56 -0800
From: Julian Elischer <julian@elischer.org>
User-Agent: Thunderbird 2.0.0.23 (Macintosh/20090812)
MIME-Version: 1.0
To: n j <nino80@gmail.com>
References: <92bcbda51003100912k25facb5cxc9047105c91a4022@mail.gmail.com>
	<4B97E412.1050506@elischer.org> <4B981FE5.5090905@smartt.com>
	<4B9828B2.2010903@elischer.org>
	<92bcbda51003110047s717bed1bq8bb3eb787eab47f7@mail.gmail.com>
In-Reply-To: <92bcbda51003110047s717bed1bq8bb3eb787eab47f7@mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-Scanned-By: MIMEDefang 2.67 on 216.240.47.51
Cc: freebsd-ipfw@freebsd.org
Subject: Re: IPFIREWALL_FORWARD
X-BeenThere: freebsd-ipfw@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: IPFW Technical Discussions <freebsd-ipfw.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
	<mailto:freebsd-ipfw-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ipfw>
List-Post: <mailto:freebsd-ipfw@freebsd.org>
List-Help: <mailto:freebsd-ipfw-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
	<mailto:freebsd-ipfw-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 11 Mar 2010 17:56:59 -0000

n j wrote:
>> A loadable module requires a coherent piece of code to implement the
>> functionality, that can be put into the module. This option
>> scatters tiny snippets of code throughout the exisitng
>> TCP/UDP/IP/ipfw code.
> 
> Is that just a matter of current implementation or is that 'scatter'
> necessary for forward functionality?

it's needed for the functionality.

you need to slightly change the behaviour or the existing stack in 
quite a number of places to handle a forwarded packet.