Date: Mon, 13 May 2002 13:27:38 +0200 From: Poul-Henning Kamp <phk@critter.freebsd.dk> To: Luigi Rizzo <luigi@FreeBSD.org> Cc: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/sys/net if_ethersubr.c src/sys/netinet ip_dummynet.c ip_dummynet.h Message-ID: <13232.1021289258@critter.freebsd.dk> In-Reply-To: Your message of "Mon, 13 May 2002 04:26:19 PDT." <20020513042619.A30792@iguana.icir.org>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <20020513042619.A30792@iguana.icir.org>, Luigi Rizzo writes: >On Mon, May 13, 2002 at 12:47:43PM +0200, Poul-Henning Kamp wrote: >... >> But couldn't you easily add a new rulechain for the ethernet >> rules ? That seems both clean and simple to me ? > >yes, in fact this is probably what i will end up doing. >Just trying to figure out what to put in the ip_fw struct to >instruct the kernel to link the rule in the other chain. > >> Besides, if we want to clean up, 5.0 is the time to do it... > >there is more to that. After looking at how bloated the code has >become, i have definitely come to the conclusion that we have two >choices here (not mutually exclusive): Even better yet: + Make the ipfw program a "ipfw rule to C compiler" and kldload the compiled C code. BillF has worked on this and the performance increase was fantastic. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?13232.1021289258>