Date: Wed, 05 Aug 2015 21:49:36 +0000 From: Daniel Peyrolon <tuchalia@gmail.com> To: George Neville-Neil <gnn@freebsd.org> Cc: soc-status@freebsd.org Subject: Re: Status reports for "JIT for firewalling" Message-ID: <CA%2ByaQw_Tm0Ciwsbe-_PY_tVvpAT_rsaujz54Nv6jAFDXxZH7nw@mail.gmail.com> In-Reply-To: <C3C0FABA-0178-4F69-9675-71E82807CF11@freebsd.org> References: <CA%2ByaQw-vHcz6e=ugDx4g0APtV6C9nAzPoOm5ZfTcdHb=4wfamg@mail.gmail.com> <CA%2ByaQw9G9TjKb2vfz0OAyg0rryWD2gM_r9sV3VoWoQq7De_wug@mail.gmail.com> <358A0094-61DE-4685-933F-EDED85A6A07C@freebsd.org> <CA%2ByaQw-884no1GMHhQ201VDTV3OipRJgaaT1mfWErNj2Ls2rzQ@mail.gmail.com> <CA%2ByaQw-SZtDunZ%2B6Mk=zLm-MyedkUotpmQ10AYJQ4xgxcRrPhA@mail.gmail.com> <C3C0FABA-0178-4F69-9675-71E82807CF11@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Yes, all of that is commited at my repo. El mar., 4 ago. 2015 a las 14:13, George Neville-Neil (<gnn@freebsd.org>) escribi=C3=B3: > Sounds very promising. > Have you committed an pushed the changes that made everything > start to work? Even if that's just a set of notes, rather than code, > that ought to be preserved. > > Best, > George > On 3 Aug 2015, at 9:15, Daniel Peyrolon wrote: > > > Hello, > > > > Finally we have the firewall working! > > I get a kernel panic whenever I try to filter an unbounded number of > > packets, but it doesn't when filtering a small amount of packets. > > > > The things to do now are: > > - Test that the emission of all the new rules is working properly, an= d > > test that rule. > > - Avoid kernel panic. This will take a longer time, but we need this = in > > order to get the firewall working in real-world systems. > > - Write flow modifying rules: Given that I've been out of the game fo= r > > so long, I haven't been able to get those rules written yet, but luckil= y > > they are only two rules, and its implementation shouldn't be hard. > > > > El lun., 27 jul. 2015 a las 20:36, Daniel Peyrolon (<tuchalia@gmail.com > >) > > escribi=C3=B3: > > > >> Hi again, > >> > >> Unfortunately I haven't been able to make any further progress. > >> I've been having a lot of problems to get the compiler working. I test= ed > >> many different hypotheses about the bug with no success so far, and I'= ve > >> talked with David Chisnall to see if he could lend me a hand and he ha= s > >> given me some pointers. So, hopefully, I'll be past this stage this > week. > >> > >> El lun., 20 jul. 2015 a las 15:43, George Neville-Neil (< > gnn@freebsd.org>) > >> escribi=C3=B3: > >> > >>> Seems like the next thing to do is build from source as David suggest= s. > >>> > >>> Best, > >>> George > >>> > >>> > >>> On 20 Jul 2015, at 4:47, Daniel Peyrolon wrote: > >>> > >>>> Hi everyone, > >>>> > >>>> This has not been a productive week. I've been so far unable to get > >>>> the > >>>> compiler working, I contacted David Chinsall as I said, and I have > >>>> been > >>>> looking to make everything works. The initialization process of LLVM > >>>> is not > >>>> working as expected, which may be related to a bad install (we have > >>>> already > >>>> disarded that), a bad building process, or a bad LLVM initialization > >>>> process. Given the fact that the LLVM API has changed a lot since th= e > >>>> last > >>>> time, that may be possible. > >>>> > >>>> El s=C3=A1b., 11 jul. 2015 a las 12:24, Daniel Peyrolon > >>>> (<tuchalia@gmail.com>) > >>>> escribi=C3=B3: > >>>> > >>>>> Hi everyone, > >>>>> > >>>>> This last pair of weeks I've written the code needed to compile > >>>>> almost all > >>>>> the rules, except those that modify control flow: call and skipto. > >>>>> For > >>>>> those ones I will have to write them by hand on LLVM IR. > >>>>> > >>>>> I also started working on the testing code. I'm using conductor to > >>>>> control the different hosts. I already have reserved a pair of host= s > >>>>> from > >>>>> the netperf cluster in order to get that running. > >>>>> > >>>>> So far I haven't been able to test anything because the compiler is > >>>>> not > >>>>> working yet, there has been a change in the API of LLVM since I las= t > >>>>> worked > >>>>> with it, I sent an email to my past mentor, David Chisnall asking f= or > >>>>> advice. > >>>>> -- > >>>>> Daniel > >>>>> > >>>> -- > >>>> Daniel > >>> > >> -- > >> Daniel > >> > > -- > > Daniel > --=20 Daniel
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CA%2ByaQw_Tm0Ciwsbe-_PY_tVvpAT_rsaujz54Nv6jAFDXxZH7nw>