Date: Tue, 5 Jan 2010 19:38:51 +0100 From: =?ISO-8859-1?Q?Ermal_Lu=E7i?= <eri@freebsd.org> To: Luigi Rizzo <rizzo@iet.unipi.it> Cc: =?ISO-8859-1?Q?Ermal_Lu=E7i?= <eri@freebsd.org>, Luigi Rizzo <luigi@freebsd.org>, src-committers@freebsd.org, svn-src-user@freebsd.org Subject: Re: svn commit: r201517 - in user/luigi/ipfw3-head/sys/netinet: . ipfw Message-ID: <9a542da31001051038t9f253fbo79241b11dbba9100@mail.gmail.com> In-Reply-To: <20100105182643.GA93051@onelab2.iet.unipi.it> References: <201001041658.o04GwFfG023749@svn.freebsd.org> <9a542da31001051006r61af058eg715c29ef0d3d2020@mail.gmail.com> <20100105182643.GA93051@onelab2.iet.unipi.it>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Jan 5, 2010 at 7:26 PM, Luigi Rizzo <rizzo@iet.unipi.it> wrote: > On Tue, Jan 05, 2010 at 07:06:51PM +0100, Ermal Lu?i wrote: > > On Mon, Jan 4, 2010 at 5:58 PM, Luigi Rizzo <luigi@freebsd.org> wrote: > > > > > Author: luigi > > > Date: Mon Jan 4 16:58:15 2010 > > > New Revision: 201517 > > > URL: http://svn.freebsd.org/changeset/base/201517 > > > > > > Log: > > > divert has no specific API so we don't really need an ip_divert.h > > > > > > > > > DECLARE_MODULE(ipdivert, ipdivertmod, SI_SUB_PROTO_IFATTACHDOMAIN, > > > SI_ORDER_ANY); > > > -MODULE_DEPEND(dummynet, ipfw, 2, 2, 2); > > > +MODULE_DEPEND(ipdivert, ipfw, 2, 2, 2); > > > MODULE_VERSION(ipdivert, 1); > > > > > > > I would suggest to remove the dependency altogether since divert(4) does > > not really depend on ipfw(4). Furthermore, the newest pf(4) can work > > together with divert(4) so the it will have more than one consumer in the > > tree. > > I was not aware of pf support -- in fact, i wonder how divert could work > without ipfw because the function pointer ip_divert_ptr at the moment > is defined in ip_fw_pfil.c . > > There are in fact, I believe, two things that enforce the dependency: > 1. the ip_divert_ptr above. We should move it elsewhere, in the > standard ip_* files; > > 2. the tag that is attached to the packet to record the reinject cookie > (I have recently redefined it as MTAG_IPFW_RULE because i was > not aware of the pf(4) support -- i need to revert/fix this if > we want divert and pf cooperation (though note that I tried to > have the same mtag format for all reinjected packets -- dummynet, > divert, netgraph, ... so once we fix it for one application it > should work for all with no special code). > > cheers > luigi > Check it out here http://svn.freebsd.org/viewvc/base/user/eri/pf45/head/ <http://svn.freebsd.org/viewvc/base/user/eri/pf45/head/>The divert support with the pointer moving is commit 198045 for checking on how i have done in that branch. If you find a better solution go ahead and i will update the referenced pf branch as well. -- Ermal
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?9a542da31001051038t9f253fbo79241b11dbba9100>