IPFW: more "orthogonal? state operations, push into 11?
Jan Bramkamp
crest at rlwinm.de
Fri Aug 5 08:03:27 UTC 2016
On 05/08/16 06:36, Julian Elischer wrote:
> I ended up having to do this via an ugly use of skiptos where packets
> I wanted to forward, were identified early and then sent to a duplicate
> set of
> rules which also did the divert, but then did the forward. I think
> there were
> about 25 rules duplicated.
You could deduplicate this with a call/return pair but good luck ever
debugging it if something goes wrong because the call/return stack is
tied to the mbuf "allowing" you to call during igress and return during
egress for maximal confusion.
More information about the freebsd-ipfw
mailing list