Date: Mon, 25 Sep 2006 13:57:26 +0400 From: Roman Bogorodskiy <novel@FreeBSD.org> To: "Andrey V. Elsukov" <bu7cher@yandex.ru> Cc: freebsd-ipfw@FreeBSD.org, Gleb Smirnoff <glebius@FreeBSD.org>, Oleg Bulyzhin <oleg@FreeBSD.org>, Luigi Rizzo <rizzo@icir.org> Subject: Re: kern/103454: [ipfw] [patch] add a facility to modify DF bit of the IP packet Message-ID: <20060925095726.GC99061@novel.fannet.ru> In-Reply-To: <4513641C.3010002@yandex.ru> References: <200609211400.k8LE0uMN075069@freefall.freebsd.org> <4513641C.3010002@yandex.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
--lCAWRPmW1mITcIfM
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
Andrey V. Elsukov wrote:
> Roman Bogorodskiy wrote:
> > +.It Cm setdf Ar value
> > +Changes
> > +.Cm DF
> > +bit of the IP packet.
> > +Value may be 0 (May Fragment) or 1 (Don't Fragment).
>=20
> May be, it would be more handy make this feature via modifier
> (not an action).
> Rule format:
> <action> [setdf|resetdf] <rule body>
>=20
> Or more extensible, use not only DF modification:
> <action> [{modip [DF|TOS|DSCP|TTL]}] <rule body>
Yeah, that's nice idea. However, I have already working DF bit stuff and
tos/dscp stuff as well (kern/102471) implemented in another way. And
since committers don't seem to show intested in these
patches/functionaliy, I'm not quite sure if I need to waste time on
re-implementing it because it would be pretty useless if these patches
would hang in GNATS forever.
> I think this is easy to pack any of an instructions into one
> ipfw_insn_xx structure.
>=20
> > + case O_SET_IPDF:
> > + switch (cmd->arg1) {
> > + case 0:
> > + ip->ip_off &=3D3D ~IP_DF;
> > + break;
> > + case 1:
> > + ip->ip_off |=3D3D IP_DF;
> > + break;
> > + default:
> > + goto next_rule;
> > + /* NOTREACHED */
>=20
> We can check cmd->arg1 for correct values in the ipfw_chk
> function.
Hm, sorry... could you clearify it to me please?
--lCAWRPmW1mITcIfM
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (FreeBSD)
iQCVAwUBRReoBoB0WzgdqspGAQJtrgQAkTNQq4uLFhc2qAkhyswkSvmOCquuJ4lO
4AVZzz0Dj8IXgcs7vdkWdWjhv3SL7AuxTpSnPoh02a/MuWyeQBEhFks0UdCcBASu
qxZmaCfqiELCeckNHuajbe8SR+q1GpK6errpeVAzT7MSpziZzQdD5AjTABHG4Dqq
59j13KVIZHE=
=Erke
-----END PGP SIGNATURE-----
--lCAWRPmW1mITcIfM--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060925095726.GC99061>