Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 4 Oct 2010 12:02:12 -0500
From:      Brandon Gooch <jamesbrandongooch@gmail.com>
To:        Eduardo Meyer <dudu.meyer@gmail.com>
Cc:        ipfw@freebsd.org
Subject:   Re: layer2 ipfw 'fwd' support
Message-ID:  <AANLkTinj8wd9AbROwRzUAUK=XraYmTDkoB3MGddqq-Tn@mail.gmail.com>
In-Reply-To: <AANLkTi=wHkmfDmoPrKN1SRcE9m=1_5iieAd85hQNWHs1@mail.gmail.com>
References:  <AANLkTi=wHkmfDmoPrKN1SRcE9m=1_5iieAd85hQNWHs1@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Mon, Oct 4, 2010 at 9:44 AM, Eduardo Meyer <dudu.meyer@gmail.com> wrote:
> Hello,
>
> In the past I have used this patch by Luigi Rizzo, which helped me well.
>
> http://lists.freebsd.org/pipermail/freebsd-ipfw/2003-September/000526.htm=
l
>
> I tried with a friend to port it to -STABLE, but we were not able to
> find out what has replaced mt_tag. Also on ip_input.c we dirty hacked
> to following piece of code:
>
> #ifdef IPFIREWALL_FORWARD
> =A0 =A0 =A0 =A0if (m->m_flags & M_FASTFWD_OURS) {
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0m->m_flags &=3D ~M_FASTFWD_OURS;
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0goto pass; /* XXX was 'ours' - SHOULD WE M=
ODIFY IT HERE */
> =A0 =A0 =A0 =A0}
> =A0 =A0 =A0 =A0if ((dchg =3D (m_tag_find(m, PACKET_TAG_IPFORWARD, NULL) !=
=3D NULL)) !=3D 0) {
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0/*
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 * Directly ship the packet on. =A0This al=
lows forwarding
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 * packets originally destined to us to so=
me other directly
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 * connected host.
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 */
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0ip_forward(m, dchg);
> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0return;
> =A0 =A0 =A0 =A0}
> #endif /* IPFIREWALL_FORWARD */
>
> And this is something we are not sure if its correct.
>
> So my very obvious question is:
>
> Does anyone has a recent version of this patch to share?
>
> Can anyone familiar with ipfw source code help me with that?
>

I'm certainly not an expert, but I wonder if the patch your referring
to is still required? Can you provide more detail about your
particular application?

-Brandon

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?AANLkTinj8wd9AbROwRzUAUK=XraYmTDkoB3MGddqq-Tn>