Re: Policy routing idea (Was: ipfw: Would it be possible to continue processing rest of rules after match ?)

From: Ari Suutari (ari_at_suutari.iki.fi)
Date: 06/22/05

  • Next message: Luigi Rizzo: "Re: Policy routing idea (Was: ipfw: Would it be possible to continue processing rest of rules after match ?)" 
    Date: Wed, 22 Jun 2005 19:19:44 +0300
To: Luigi Rizzo <rizzo@icir.org>

    > yes i think you should reuse the tag, just add a new opcode so that
    > the action is attach the mtag to the mbuf if not there yet
    > (maybe override its content if you believe you could match multiple rules of
    > this type) and then continue processing as in a 'count' action.

    Differences to "ipfw fwd" seem to be minimal. Maybe a sysctl
    which changes fwd rule behaviour so that it can either work
    as before or similar to 'count' action would be better solution ?
    This would be similar to net.inet.ip.fw.one_pass.

    (I'm not very actively pushing to sysctl solution, I would
    just like to find out best approach before starting actual
    coding)

        Ari S. 

    -- 
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.0.323 / Virus Database: 267.7.10/25 - Release Date: 21.6.2005
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
  • Next message: Luigi Rizzo: "Re: Policy routing idea (Was: ipfw: Would it be possible to continue processing rest of rules after match ?)"