From owner-freebsd-hackers  Sun Apr  4  8: 6:53 1999
Delivered-To: freebsd-hackers@freebsd.org
Received: from janus.syracuse.net (janus.syracuse.net [205.232.47.15])
	by hub.freebsd.org (Postfix) with ESMTP id E1F8914E9F
	for <hackers@FreeBSD.ORG>; Sun,  4 Apr 1999 08:06:50 -0700 (PDT)
	(envelope-from green@unixhelp.org)
Received: from localhost (green@localhost)
	by janus.syracuse.net (8.9.2/8.8.7) with ESMTP id LAA21344;
	Sun, 4 Apr 1999 11:04:55 -0400 (EDT)
Date: Sun, 4 Apr 1999 11:04:54 -0400 (EDT)
From: Brian Feldman <green@unixhelp.org>
X-Sender: green@janus.syracuse.net
To: "Matthew N. Dodd" <winter@jurai.net>
Cc: hackers@FreeBSD.ORG
Subject: Re: ipfw uid
In-Reply-To: <Pine.BSF.4.02.9904040618060.2158-100000@sasami.jurai.net>
Message-ID: <Pine.BSF.4.05.9904041101340.21261-100000@janus.syracuse.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Sun, 4 Apr 1999, Matthew N. Dodd wrote:

> On Sat, 3 Apr 1999, Brian Feldman wrote:
> > {"/usr/src/sbin/ipfw"}# ipfw show
> > 00050  8157 2864127 count ip from any to any uid 1000 in
> > 00060  8952 1834453 count ip from any to any uid 1000 out
> 
> This is, by far, the most BOFHly software feature I've seen in a while.
> 
> Add 'gid', 'egid', 'euid' etc. support and you'll have it.
> 
> Something like this can help prevent individual users from sucking up your
> whole line.

Especially coupled with dummynet, which I haven't tried yet. My order for
working on this is now two priorites.
	1. Get incoming packets counted correctly. This is not easy, it seems.
	2. Get gids working. This won't be too hard, but it's less important.

If you have any good ideas on the easiest way to find the destination of a
packet (tcp and udp) BEFORE they reach ipfw (in ip_input of course), I'm
interested (as it will save me time trying to figure this out.)

> 
> -- 
> | Matthew N. Dodd  | 78 280Z | 75 164E | 84 245DL | FreeBSD/NetBSD/Sprite/VMS |
> | winter@jurai.net |      This Space For Rent     | ix86,sparc,m68k,pmax,vax  |
> | http://www.jurai.net/~winter | Are you k-rad elite enough for my webpage?   |
> 
> 

 Brian Feldman                _ __ ___ ____  ___ ___ ___  
 green@unixhelp.org                _ __ ___ | _ ) __|   \ 
     FreeBSD: The Power to Serve!      _ __ | _ \__ \ |) |
         http://www.freebsd.org           _ |___/___/___/ 



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message