Date: Fri, 24 May 2002 06:18:46 +0200 From: Rocco Lucia <rlucia@iscanet.com> To: freebsd-net@freebsd.org Subject: ng_fwdswitch netgraph node Message-ID: <57047D2A-6ECD-11D6-A953-000393B296CE@iscanet.com>
next in thread | raw e-mail | index | archive | help
Hello, I tweaked a little the one2many node to realize some different kind of packet switching node. I needed something that would help me to split over different IDS sensors data coming from span/mirroring session done on the network. At first I tried to glue some bpf nodes but I had no luck since performance was very poor and I had tons of packets lost (p3 866MHz, ~100kpt/s inbound). The fwdswitch node, could be imagined as a 'many2many' node but monodirectional only: packets flow from 'in' hooks to 'out' hooks only. The decision about which 'out' hook to choose to forward a packet is taken going through a forwarding table that associates an IPaddress/netmask to an output hook index. Packets that are not matched or frames that are not IP packets will be forwarded to the 'default' hook. I just finished to fix it, made some documentation so it is still incomplete, requires cleanup and has some bugs in the configuration part, but it is nicely working. Let me know if it can be of any interest. It's downloadable at http://elisa.utopianet.net/~rlucia/devel/ng_fwdswitch/ It will compile on 4-STABLE. Ciao :) Rocco -- Rocco Lucia - rlucia@iscanet.com Iscanet Internet Services http://elisa.utopianet.net/~rlucia System and Network Admin C6E6 AC9A 1361 FB38 B47A 2792 9FC4 C52F 7A68 4468 Free unices for a free world. Support *BSD. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?57047D2A-6ECD-11D6-A953-000393B296CE>