Date: Mon, 6 Aug 2007 13:05:25 -0300 From: "Eduardo Meyer" <dudu.meyer@gmail.com> To: ipfw@freebsd.org Subject: All I have is one packet! Message-ID: <d3ea75b30708060905p25019480i90fd1d71dc9120a2@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
Hello ipfw users and hackers. I have tried, for many weeks, ng_tag to tag packets for ipfw filtering. I could make it work fine. However, I have one problem. I want to make a state that will match any packet, on any protocol, between the peers. Why? Because all I have, is one packet. And this packet however, wont always be in the same transport protocol. For example, I can identify session initialization on TCP packets, but once initialized, all communication between peers happen via UDP. I know such a thing dont exist in ipfw. However, I would like to know if someone can suggest changes to the code that would do this. Would also be great if I could have a sysctl OID to tune state-timing of this unusual behavior, differently from the existing sysctl mibs on "dyn" stuff on ipfw. Every suggestion on a feature like that, would be appreciated. -- =========== Eduardo Meyer pessoal: dudu.meyer@gmail.com profissional: ddm.farmaciap@saude.gov.br
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?d3ea75b30708060905p25019480i90fd1d71dc9120a2>