From owner-cvs-all@FreeBSD.ORG Tue Aug 17 23:46:11 2004 Return-Path: Delivered-To: cvs-all@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CCC1216A4D0 for ; Tue, 17 Aug 2004 23:46:11 +0000 (GMT) Received: from c00l3r.networx.ch (c00l3r.networx.ch [62.48.2.2]) by mx1.FreeBSD.org (Postfix) with ESMTP id 062AE43D4C for ; Tue, 17 Aug 2004 23:46:11 +0000 (GMT) (envelope-from andre@freebsd.org) Received: (qmail 1808 invoked from network); 17 Aug 2004 23:46:10 -0000 Received: from unknown (HELO freebsd.org) ([62.48.0.54]) (envelope-sender ) by c00l3r.networx.ch (qmail-ldap-1.03) with SMTP for ; 17 Aug 2004 23:46:10 -0000 Message-ID: <412298C5.4D5D1A48@freebsd.org> Date: Wed, 18 Aug 2004 01:46:13 +0200 From: Andre Oppermann X-Mailer: Mozilla 4.8 [en] (Windows NT 5.0; U) X-Accept-Language: en MIME-Version: 1.0 To: Sam Leffler References: <200408172205.i7HM5sDs087606@repoman.freebsd.org> <200408180122.28379.max@love2party.net> <41229617.CB69E0BE@freebsd.org> <200408171640.31631.sam@errno.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit cc: Max Laier cc: src-committers@FreeBSD.org cc: cvs-all@FreeBSD.org cc: cvs-src@FreeBSD.org Subject: Re: cvs commit: src/sys/conf files options src/sys/modules/ipfw Makefile src/sys/net bridge.c src/sys/netgraph ng_bridge.c src/sys/netinet ip_divert.c ip_dummynet.c ip_dummynet.h ip_fastfwd.c ip_fw.h ip_fw2.c ip_fw_pfil.c ip_input.c ip_output.c ... X-BeenThere: cvs-all@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: CVS commit messages for the entire tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 17 Aug 2004 23:46:11 -0000 Sam Leffler wrote: > > On Tuesday 17 August 2004 04:34 pm, Andre Oppermann wrote: > > Max Laier wrote: > > > On Wednesday 18 August 2004 00:05, Andre Oppermann wrote: > > > > andre 2004-08-17 22:05:54 UTC > > > > > > > > FreeBSD src repository > > > > > > > > Modified files: > > > > sys/conf files options > > > > sys/modules/ipfw Makefile > > > > sys/net bridge.c > > > > sys/netgraph ng_bridge.c > > > > sys/netinet ip_divert.c ip_dummynet.c ip_dummynet.h > > > > ip_fastfwd.c ip_fw.h ip_fw2.c ip_input.c > > > > ip_output.c ip_var.h raw_ip.c tcp_input.c > > > > tcp_sack.c > > > > sys/sys mbuf.h > > > > Added files: > > > > sys/netinet ip_fw_pfil.c > > > > Log: > > > > Convert ipfw to use PFIL_HOOKS. > > > > > > Excellent!!! Great!!!! Thank you!!! > > > > > > I don't like the hack to bridge.c, but that's marked XXX so I guess you > > > don't either. I hope we can clean this up for RELENG_5_3, though. > > > > No, I don't like it at all. I have some code ready but did not have time > > to test it before code freeze. What I want to do is a PFIL_HOOK with > > protocol AF_ETHER which gives you the full layer2 header in the packet. > > What the packet filter does with it is up its implementation. For example > > it might ignore everthing but IP packets or provide ether header matching > > functionality or such. > > > > I think we (mlaier and me) could cook this up within a week. Though I'm > > not sure much RE is going to like this kind of changes at this time. > > My original version of this work added several new pfil hooks for stuff like > this. Do you have your orginal work still somewhere around to have a look at? I'd like to avoid to re-invent the wheel if possible. ;-) -- Andre