Date: Tue, 19 Oct 2004 23:19:15 +0200 From: Andre Oppermann <andre@freebsd.org> To: src-committers@FreeBSD.org, cvs-src@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/sys/modules/ipdivert Makefile src/sys/netinetin_proto.c ip_divert.c ip_divert.h ip_fw2.c ip_fw_pfil.c Message-ID: <417584D3.DD1DA0F0@freebsd.org> References: <200410192114.i9JLEvjQ001574@repoman.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Andre Oppermann wrote: > > andre 2004-10-19 21:14:57 UTC > > FreeBSD src repository > > Modified files: > sys/netinet in_proto.c ip_divert.c ip_divert.h > ip_fw2.c ip_fw_pfil.c > Added files: > sys/modules/ipdivert Makefile > Log: > Convert IPDIVERT into a loadable module. This makes use of the dynamic loadability > of protocols. The call to divert_packet() is done through a function pointer. All > semantics of IPDIVERT remain intact. If IPDIVERT is not loaded ipfw will refuse to > install divert rules and natd will complain about 'protocol not supported'. Once > it is loaded both will work and accept rules and open the divert socket. The module > can only be unloaded if no divert sockets are open. It does not close any divert > sockets when an unload is requested but will return EBUSY instead. I know locking is not perfect here and I will fix it shortly. However the risk to get hit by it duing an unload is very low and does not pose any real-world risk. -- Andre
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?417584D3.DD1DA0F0>