anyone have a netgraph node to do ipfw filtering?

[Andrew Snow]

I think what you ask can be done by:

1. sending the packet through ng_mbuf to tag it
2. sending it to ng_ipfw to be sent through IPFW
3. use IPFW rules to operate on packets with the particular tag you 
attached in #1
4. as the final IPFW rule, pass the packet back in to netgraph via a 
'netgraph' IPFW rule.

I have not tried this, no idea if it would work

Best of luck! :-)


- Andrew