Date: Fri, 8 Jan 2016 17:57:46 -0500 From: Karim Fodil-Lemelin <fodillemlinkarim@gmail.com> To: freebsd-ipfw@freebsd.org Subject: Re: layer2 ipfw fwd Message-ID: <56903EEA.3030905@gmail.com> In-Reply-To: <567D7EA9.6050201@freebsd.org> References: <CAGtf9xOzJ%2BcL-W=HP5cd2nyabY=03AgTyFLvDuQWN-xB6KqjCg@mail.gmail.com> <567795F1.5080605@freebsd.org> <CAC%2BJH2xXVpnDfa5KUQGZ39uoqSiS5oB72ak6bAeaPqXgyCmd3Q@mail.gmail.com> <56780F5A.5060209@freebsd.org> <1450885787.1918354.474995842.261BD65D@webmail.messagingengine.com> <567D7EA9.6050201@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2015-12-25 12:36 PM, Julian Elischer wrote: > On 23/12/2015 11:49 PM, Mark Felder wrote: >> >> On Mon, Dec 21, 2015, at 08:40, Julian Elischer wrote: >>> This is EXACTLY what the cisco/ironport web filter appliance does... >>> >> If we had this in FreeBSD nobody would have to reinvent the wheel to >> build a similar appliance, right? And it might allow someone to build a >> competing open source FreeBSD-based web filter appliance with this same >> feature set... > nah...there is SO MUCH MORE to what the ironport does. Yes and that is why FWD action isn't part of the bridge if I recall the old discussions. Where I work, we also have a L2 transparent proxy (we wrote it way back on FBSD 4.5 based on Luigi's old bridge code) but it is very specific for one particular application. Trying to support a generic L2 FWD action that does any next hop forwarding as a general solution (which is what you'd need to do for FBSD) would require a lot of code most users wouldn't want to see the bridge burden with. Well that is what we've seen throughout the years. K.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?56903EEA.3030905>