From owner-freebsd-net@FreeBSD.ORG  Wed Aug  1 00:19:19 2007
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 5515616A418;
	Wed,  1 Aug 2007 00:19:19 +0000 (UTC)
	(envelope-from csjp@sub.vaned.net)
Received: from sub.vaned.net (sub.vaned.net [205.200.235.40])
	by mx1.freebsd.org (Postfix) with ESMTP id 1C46913C428;
	Wed,  1 Aug 2007 00:19:18 +0000 (UTC)
	(envelope-from csjp@sub.vaned.net)
Received: by sub.vaned.net (Postfix, from userid 1001)
	id 3DF9B5C3B; Tue, 31 Jul 2007 19:19:08 -0500 (CDT)
Date: Tue, 31 Jul 2007 19:19:08 -0500
From: "Christian S.J. Peron" <csjp@FreeBSD.org>
To: Julian Elischer <julian@elischer.org>
Message-ID: <20070801001908.GA8822@sub>
References: <20070731162515.GA3684@sub> <46AF7E57.5020209@incunabulum.net>
	<20070731204156.GA7614@sub> <46AFB6C9.20401@incunabulum.net>
	<46AFC441.2070502@elischer.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <46AFC441.2070502@elischer.org>
User-Agent: Mutt/1.4.2.2i
Cc: freebsd-net@freebsd.org, "Bruce M. Simpson" <bms@incunabulum.net>,
	rwatson@freebsd.org, "Christian S.J. Peron" <csjp@FreeBSD.org>
Subject: Re: divert and deadlock issues
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 01 Aug 2007 00:19:19 -0000

On Tue, Jul 31, 2007 at 04:22:41PM -0700, Julian Elischer wrote:
[..]
> 
> Originally we wanted a way to be able to inject any kind of 
> ip packet that could be generated, because the aim was to 
> allow a user agent to do arbitrary processing on packets. however
> to be really correct, a divert injection should occur at teh position of 
> the firewall
> where diversion occurs but there is no way to do that and anyhow they need
> to get some of the internal state added to them before they get there, so 
> puting them in via ip_output seemed the way to go.
> 
> I've never had much to do with multicast, so I'm not sure if it makes sense
> to inject there, but if you wanted to divert multicast packets
> and change them slightly, and then reinject them, it would be a blow 
> to discover that you couldn't.

Well, it's still the intent to keep the ability to divert and re-inject
multicast packets.  This change would basically say: "You cant specify
multicast options via the divert socket". Which in practice doesn't
happen anyway (where I looked).

I dont think we should be specifying multicast options on divert sockets.
It's not the right place to be manipulating multicast parameters.  Multicast
parameters should be set on the sockets that originally transmitted or
received the packets.  I dont think divert falls into this category.

-- 
Christian S.J. Peron
csjp@FreeBSD.ORG
FreeBSD Committer