Date: Tue, 9 May 2006 23:14:57 -0700 From: Luigi Rizzo <rizzo@icir.org> To: "Andrey V. Elsukov" <bu7cher@yandex.ru> Cc: freebsd-net@freebsd.org, Julian Elischer <julian@elischer.org> Subject: Re: ipfw divert with layer2 (if_bridge) packets Message-ID: <20060509231457.B67417@xorpc.icir.org> In-Reply-To: <4461830E.8070207@yandex.ru>; from bu7cher@yandex.ru on Wed, May 10, 2006 at 10:07:10AM %2B0400 References: <4460FF4E.10305@ifi.unicamp.br> <44610333.6070806@elischer.org> <4461830E.8070207@yandex.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, May 10, 2006 at 10:07:10AM +0400, Andrey V. Elsukov wrote: > Julian Elischer wrote: > > I have changes that make it work in 4.x but they will not apply to 5.x > > or later.. > > Luigi also has some changes that allow it.. > > I can try porting an older patches which allow this. > Is there a chance for including this feature into base system? sorry if i missed the earlier part of the thread... the earlier patches i posted (for 4.x) had a race problem because L2 packets would be processed with the wrong spl mask leading to possible corruption in the socket buffer. A fix for that involves sending divert packets to the ipintrq so they could be reprocessed with the correct masks. Probably 6.x does not have the same problem as the locking there is different. So in that case it might just be a case of adapting the patch to compile. cheers luigi
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060509231457.B67417>