Date: Thu, 26 Jul 2001 13:32:00 -0700 (PDT) From: Julian Elischer <julian@elischer.org> To: Brian Reichert <reichert@numachi.com> Cc: freebsd-net@freebsd.org Subject: Re: filtering with netgraph? Message-ID: <Pine.BSF.4.21.0107261321510.10515-100000@InterJet.elischer.org> In-Reply-To: <20010726125321.D79454@numachi.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 26 Jul 2001, Brian Reichert wrote: > I need to put together a bridging packet filter. I've done so in > the past with bridge(4) and ipfw(8), and am willing to do so again. > > However, there seems to be a great deal of interest nowadays in > using netgraph(4). > > Two things I haven't yet been able to glean from the archives (yet, > pointers appreciated): > > - Is it currently achieveable? I get the impression from > > <http://www.daemonnews.org/200003/netgraph.html> > > "here are many node types yet to be written: > > An implementation of the Dynamic Packet Filter as a netgraph > node. DPF is sort of a hyper-speed JIT compiling version of > BPF." > > that such an ability is not quite in place yet. yes and no.. there is a BPF node that takes BPF filter expressions and selects between one of a number of hooks using that. there is also an ipfw node (not checked in) that can be used (mentionned several times in the lists... Needs updating and someone said they were going to do that..) lastly, you could implement DPF :-) (it's part of the exokernel project) (MIT) given that then I think we could alter the 'bridge' node to know how to hook onto a filter. > > - Would a netgraph-based bridge be limited to the set of interfaces > documented in bridge(4)? NO, and these days even the other bridging is supported by teh base ethernet code rather than a particular driver (I think) > > Just fishing for info... > > -- > Brian 'you Bastard' Reichert <reichert@numachi.com> > 37 Crystal Ave. #303 Daytime number: (603) 434-6842 > Derry NH 03038-1713 USA Intel architecture: the left-hand path > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0107261321510.10515-100000>