Date: Mon, 20 May 1996 10:40:31 -0400 From: Garrett Wollman <wollman@lcs.mit.edu> To: Archie Cobbs <archie@whistle.com> Cc: questions@freebsd.org Subject: Re: ip masquerading Message-ID: <9605201440.AA22230@halloran-eldar.lcs.mit.edu> In-Reply-To: <199605180824.BAA02382@bubba.whistle.com> References: <199605180548.WAA22030@phaeton.artisoft.com> <199605180824.BAA02382@bubba.whistle.com>
next in thread | previous in thread | raw e-mail | index | archive | help
<<On Sat, 18 May 1996 01:24:18 -0700 (PDT), Archie Cobbs <archie@whistle.com> said: > There's a larger question here then, which is that we need a more > general mechanism for user-land "filtering" (in the most general sense) > of packets as they cross an interface. BPF and /dev/tun? are both > great, but you can't implement a filter with them. The approach taken by `screend' is probably the right one, and it limits the hair in the kernel to something that is easily manageable, and easy to disable if you care about performance... (My group cares about performance.) Doing something like `screend' also makes it possible to provide the appropriate feedback mechanisms to prevent livelock. -GAWollman -- Garrett A. Wollman | Shashish is simple, it's discreet, it's brief. ... wollman@lcs.mit.edu | Shashish is the bonding of hearts in spite of distance. Opinions not those of| It is a bond more powerful than absence. We like people MIT, LCS, ANA, or NSA| who like Shashish. - Claude McKenzie + Florent Vollant
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?9605201440.AA22230>