Date: Mon, 13 May 2002 12:38:32 +0200 From: Poul-Henning Kamp <phk@critter.freebsd.dk> To: Luigi Rizzo <luigi@FreeBSD.org> Cc: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/sys/net if_ethersubr.c src/sys/netinet ip_dummynet.c ip_dummynet.h Message-ID: <12658.1021286312@critter.freebsd.dk> In-Reply-To: Your message of "Mon, 13 May 2002 03:37:20 PDT." <200205131037.g4DAbKq89983@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Isn't it about time we go to multiple chains of rules ? In message <200205131037.g4DAbKq89983@freefall.freebsd.org>, Luigi Rizzo writes : > I will add an ipfw option to tell if we want a given rule to apply > to ether_demux() and ether_output_frame(), but we have run out of > flags in the struct ip_fw so i need to think a bit on how to implement > this. > > to upper layers > | | > +----------->-----------+ > ^ V > [ip_input] [ip_output] net.inet.ip.fw.enable=1 > | | > ^ V > [ether_demux] [ether_output_frame] net.link.ether.ipfw=1 > | | > +->- [bdg_forward]-->---+ net.link.ether.bridge_ipfw=1 > ^ V > | | > to devices > > Revision Changes Path > 1.111 +146 -0 src/sys/net/if_ethersubr.c > 1.46 +27 -5 src/sys/netinet/ip_dummynet.c > 1.19 +2 -0 src/sys/netinet/ip_dummynet.h > -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?12658.1021286312>