Date: Tue, 22 Jun 2004 10:29:05 +0200 From: Ian FREISLICH <if@hetzner.co.za> To: Andre Oppermann <andre@freebsd.org> Cc: freebsd-current@freebsd.org Subject: Re: New preview patch for ipfw to pfil_hooks conversion Message-ID: <E1BcgeP-000DXq-00@hetzner.co.za> In-Reply-To: Your message of "Mon, 21 Jun 2004 23:36:21 %2B0200." <40D754D5.1070805@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Andre Oppermann wrote: > Here is the next preview patch for the ipfw to pfil_hooks conversion: > > http://www.nrg4u.com/freebsd/ipfw-pfilhooks-and-more-20040621.diff > > This patch significantly cleans up ip_input.c and ip_output.c. That would be a very a nice thing, but it looks like this breaks the patch that I submitted (kern/64240) which fixes the acknowledged problem with 'ipfw tee' accepting packets instead of copying them to the divert port and then processing the packet according to the rest of the rule set. There have been about 5 PRs (most with patches) in the past years which all claim to fix this problem indicating that here is a need for a fix. We rely on the fix in kern/64240 to collect traffic accounting information for billing and statistical purposes. There hasn't been much interest from the committers in having a look at this even though the work has already been done. Now that you're actively working on that part of the source, would it be possible to take a look? I would also be happy to create a new patch to fix this problem against ipfw with pfilhooks if that's what it's going to take to get a fix committed. Ian -- Ian Freislich
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?E1BcgeP-000DXq-00>