[patch] ipfw_nat as a kld module
piso at FreeBSD.org
piso at FreeBSD.org
Fri Feb 29 15:38:56 UTC 2008
On Fri, Feb 29, 2008 at 02:37:14PM +0000, Vadim Goncharov wrote:
> >> * struct ip_fw_chain moved to .h and no longer static, is this good?
> >> I suggest to move into it's own static chain in module, see next
> > the symbol is used outside it's originating file
>
> Is it needed if LIST_HEAD will be in its own module?
every modification/access to layer3_chain lock is arbitrated via its
own rwlock(), thus to answer your question, yes, there are places
where we would need access to layer3_chain
> > that's something i thought about, but i didn't see any tangible improvement
> > to this modification, cause part of ipfw_nat would still be called from
> > ipfw2.c (see ipfw_ctl).
>
> This could be fixed, too, as is done with dummynet, which is also configured
> via ipfw(8). As it is HEAD, ABI can be broken and this will not be done via
> ipfw_ctl().
yes, but does it buy us anything? moreover, we would loose the ability
to merge the work back to 7.x.
bye,
P.
More information about the freebsd-ipfw
mailing list