Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 9 Jun 2002 13:18:17 +0300 (EEST)
From:      Adrian Penisoara <>
To:        Luigi Rizzo <>
Cc:        ipfw@FreeBSD.ORG, freebsd-altq list <>
Subject:   Re: New ipfw code available
Message-ID:  <>
In-Reply-To: <>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help

On Sat, 8 Jun 2002, Luigi Rizzo wrote:

> [Bcc to -current because it is relevant there as well -- sorry for the
> crosspost]
> Hi,
> over the past 2-3 weeks I have done an extensive rewrite of the
> ipfw code (userland + kernel) in an attempt to make it faster and
> more flexible.
> The idea (which I discussed a few times on the mailing lists) was
> to replace the current ipfw rules (macroinstructions) with a set
> of microinstructions, each of them performing a single operation
> such as matching an address, or a port range, or a protocol flag,
> etc.  -- much in the spirit of BPF and derivatives -- and to let
> the userland front-end compile ipfw(8) commands into an appropriate
> set of microinstructions.

  This is very good news! I hope you will integrate the MAC address
filtering feature too, it will be pretty important for our cable clients
who will be able to control the ARP table.

  From another point of view (more specifically, the integration of
ALTQ QoS framework into FreeBSD -current), cold you please think about
the possibility of integrating into ipfw a classifier mechanism  who
will be able to "tag" the packets into specific classes, information
which will be used by the ALTQ queueing disciplines to perform their QoS
packet scheduling. This will probably imply the addition of a class
attribute field to the struct mbuf structure -- so this will probably be
a future deveopment direction for -current. However, "there is more than
way to do it" (as Perl taught us), so there might be other solutions.


 [1] ALTQ webpage

 [2] ALTQ integration in FreeBSD project

 [3] FreeBSD-ALTQ mailing list -- to subscribe send a
     "subscribe freebsd-altq" command to

 Adrian Penisoara
 Ady (
 FreeBSD-ALTQ project
| An age is called Dark not because the light fails to shine, but  |
| because people refuse to see it.                                 |
|               -- James Michener, "Space"                         |

To Unsubscribe: send mail to
with "unsubscribe freebsd-ipfw" in the body of the message

Want to link to this message? Use this URL: <>