Date: Tue, 18 Feb 2014 20:57:02 -0800 From: Luigi Rizzo <rizzo@iet.unipi.it> To: wishmaster <artemrts@ukr.net> Cc: "freebsd-net@freebsd.org" <freebsd-net@freebsd.org> Subject: Re: Re[2]: netmap, VALE and netmap pipes Message-ID: <CA%2BhQ2%2Bjgt42-gJf_SznRoSVzqbSHCkQn4e40mFZf3u0xxPH8Ag@mail.gmail.com> In-Reply-To: <1392711455.632249224.68nv9a9s@frv34.fwdcdn.com> References: <CA%2BhQ2%2Bgbs9aBneUaDGAnKVoPHspzc=5o%2Bh%2Bf_K=T%2BCy8sRxr%2Bw@mail.gmail.com> <1392661063.244494415.kh0fdlsv@frv34.fwdcdn.com> <20140217185832.GB41267@onelab2.iet.unipi.it> <530273BF.5020303@sentex.net> <20140217205213.GC42021@onelab2.iet.unipi.it> <1392711455.632249224.68nv9a9s@frv34.fwdcdn.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Feb 18, 2014 at 1:04 AM, wishmaster <artemrts@ukr.net> wrote: > > > > --- Original message --- > From: "Luigi Rizzo" <rizzo@iet.unipi.it> > Date: 17 February 2014, 22:50:02 > > > > > On Mon, Feb 17, 2014 at 03:40:31PM -0500, Mike Tancsa wrote: > > > On 2/17/2014 1:58 PM, Luigi Rizzo wrote: > > > > On Mon, Feb 17, 2014 at 08:36:06PM +0200, wishmaster wrote: > > > >> > > > >> Thanks, prof. Luigi. > > > >> > > > >> As for me, netmap-ipfw is especially interesting. Would you like > add some examples for userspace bundle of ipfw and dummynet. Because not > all clear in README-file. > > > >> > > > >> E.g. I have classic router with 2 interfaces igb > > > > > > > > replace the "vale" ports with "netmap:igb0" and "netmap"igb1" > > > > and off you go. > > > > > > Apart from the man pages, is there a repository of documentation and > > > examples somewhere ? > > > > not really. but apart from the plumbing into the interfaces, > > this is just the FreeBSD/head ipfw code with obvious features > > disabled (e.g. there is no access to local sockets or address > > lists or routing tables so things like 'me', 'uid xx', 'verrpath' > > do not work). > > Thus it is unable to use kipfw/dummynet in situation with multiple > external interfaces due to > no access to routing tables? > actually the routing is done by a router, a firewall just filters. So you could use this kipfw in a transparent firewall bridge, or in front of the host stack on a machine you want to protect. And for the rest, my original email continued like this: --> And it could definitely be improved to work on more interfaces, --> become multithreaded etc, but this is an exercise that i hope --> someone else will take over. cheers luigi -- -----------------------------------------+------------------------------- Prof. Luigi RIZZO, rizzo@iet.unipi.it . Dip. di Ing. dell'Informazione http://www.iet.unipi.it/~luigi/ . Universita` di Pisa TEL +39-050-2211611 . via Diotisalvi 2 Mobile +39-338-6809875 . 56122 PISA (Italy) -----------------------------------------+-------------------------------
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CA%2BhQ2%2Bjgt42-gJf_SznRoSVzqbSHCkQn4e40mFZf3u0xxPH8Ag>