Date: Thu, 13 Mar 2008 09:21:11 +0000 (UTC) From: Vadim Goncharov <vadim_nuclight@mail.ru> To: freebsd-ipfw@freebsd.org Subject: Re: kern/80642: [ipfw] [patch] ipfw small patch - new RULE OPTION Message-ID: <slrnfthsg7.dgk.vadim_nuclight@hostel.avtf.net> References: <200803122100.m2CL0t7V088955@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi vwe@FreeBSD.org! On Wed, 12 Mar 2008 21:00:55 GMT; vwe@FreeBSD.org wrote about 'Re: kern/80642: [ipfw] [patch] ipfw small patch - new RULE OPTION': > State-Changed-From-To: open->suspended > State-Changed-By: vwe > State-Changed-When: Wed Mar 12 20:58:32 UTC 2008 > State-Changed-Why: > Awaiting maintainer interest. > This may be useful for one, so we're not just closing this silently. > http://www.freebsd.org/cgi/query-pr.cgi?pr=80642 Yes, this is useful, but some minor changes are needed, I think. First, rename it to "bytelimit" or somewhat. Second, allow this to use tablearg and possibly ability to reference a counter to corresponding dynamic rule, to allow this to act for a specific IP or connection without need to write many rules. Third, add packet counter as well. That's all possible with one opcode, though... -- WBR, Vadim Goncharov. ICQ#166852181 mailto:vadim_nuclight@mail.ru [Moderator of RU.ANTI-ECOLOGY][FreeBSD][http://antigreen.org][LJ:/nuclight]
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?slrnfthsg7.dgk.vadim_nuclight>