Date: Thu, 23 Apr 1998 15:35:43 +0200 From: Darren Reed <darrenr@reed.wattle.id.au> To: Eivind Eklund <eivind@yes.no> Cc: hackers@FreeBSD.ORG Subject: Re: changing ipfw interface (was Re: cvs commit: src/sys/netinet ip_fw.c) Message-ID: <9804231217.AA01806@avalon.reed.wattle.id.au.> In-Reply-To: <19980423135332.35381@follo.net> from "Eivind Eklund" at Apr 23, 98 01:53:32 pm
next in thread | previous in thread | raw e-mail | index | archive | help
In some email I received from Eivind Eklund, sie wrote: [...] > Well, what do you think? To me, it seems that it is effectively duplicating the BPF code, plus you'd have a much more flexible solution with BPF and less "extra code" in the kernel. Of course, maybe you don't want to write an ipfw rule -> BPF converter :) Plus, it only solves half of the problem - structure size changing but not capabilities. If you ever remove a capability, the filter rules could be screwed. Darren To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?9804231217.AA01806>