Date: Sat, 16 Jul 2005 17:40:32 +0200 From: Max Laier <max@love2party.net> To: freebsd-ipfw@freebsd.org, Chris Dionissopoulos <dionch@freemail.gr> Cc: freebsd-net@freebsd.org Subject: Re: Traffic quota features in IPFW Message-ID: <200507161740.38234.max@love2party.net> In-Reply-To: <001c01c58a17$5dbe4a40$0100000a@R3B> References: <001c01c58a17$5dbe4a40$0100000a@R3B>
next in thread | previous in thread | raw e-mail | index | archive | help
--nextPart1851428.8rYmtsePCh Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline On Saturday 16 July 2005 17:02, Chris Dionissopoulos wrote: > Hi ppl, ( and sorry for cross posting) > > I review Andrey's Elsukov patch for adding "bound" support in ipfw, and i > decide to push a little forward this feature. Sorry to be blunt, but I don't see the point in this feature nor do I think= =20 it's a good idea. All it does is adding overhead to every packet that is=20 processed by IPFW. You might argue that this overhead is fairly little, bu= t=20 if you combine the last ten "neat to have though not really necessary"=20 features this adds up. Also the code is getting more and more hacked up. = =20 Your feature might be nicely done, but it adds to the main switch-loops=20 making them more and more unreadable until it all falls over and nobody is= =20 willing to touch the code anymore. I have seen (too) much ipfw code lately= =20 while tieing together lose ends in the IPv6-import and it's already messy=20 enough. I urge you to reconsider if we really need this. If you think we can't liv= e=20 without it, it'd be nice if you could come up with a clean(er) way to exten= d=20 IPFW with additional stuff like this without impact to performance and=20 maintainability for the common case (without the magic foobar-option of the= =20 day). Thanks. BTW: This function can be done with a three line awk-skript without any eff= ect=20 on performance. Of course you will lose some precision, but I don't see=20 applications where you have to be *that* percise. > You can see the whole picture in there: > http://www.freebsd.org/cgi/query-pr.cgi?pr=3D80642 > and there: > http://butcher.heavennet.ru/ > > In my patch, 3 new options are added: > 1. "below <VALUE>" (which is the same option as Andrey's "bound" option, I > just rename it) 2. "above <VALUE>" which is the oposite option of "below". > Match rules when the counter is above <value> 3. "check-quota" (which is > the same option as Andrey's "check-bound" , but now applies to both "abov= e" > and "below" options). > > Notes: > 1. Patch is against releng_6. > 2. I also include a more compicated example which is (IMHO) a complete > traffic quota+shaping solution for a small (or not so small) ISP. > 3. For installation, follow the instructions Adrey publish in his webspac= e: > http://butcher.heavennet.ru/ > 4. Patch doesn't breaks ipfw ABI (today) , because adds new options at t= he > end of list. If you apply this patch in a month or so, I cannot guarantee > success. > 5. Please test, and send me your feedbacks. > > > I 'll be happy if you find usefull these features and if any developer > commits this patch in current or releng_6 branch. =2D-=20 /"\ Best regards, | mlaier@freebsd.org \ / Max Laier | ICQ #67774661 X http://pf4freebsd.love2party.net/ | mlaier@EFnet / \ ASCII Ribbon Campaign | Against HTML Mail and News --nextPart1851428.8rYmtsePCh Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (FreeBSD) iD8DBQBC2Sp2XyyEoT62BG0RArgxAJ0ZAB+WwLvgiDOEP3Wc7pf2nbO4/gCfUkW5 1bXjQ6ki49j111y8WoclRNo= =uE28 -----END PGP SIGNATURE----- --nextPart1851428.8rYmtsePCh--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200507161740.38234.max>