IPDIVERT
Ruslan Ermilov
ru at freebsd.org
Wed Apr 30 01:08:47 PDT 2003
On Wed, Apr 30, 2003 at 12:42:45AM -0700, Luigi Rizzo wrote:
> On Wed, Apr 30, 2003 at 02:31:14PM +0700, Max Khon wrote:
> > hi, there!
> ...
> > On Tue, Apr 29, 2003 at 11:05:29PM +0300, Ruslan Ermilov wrote:
> > > > I have a suggestion to build GENERIC and ipfw.ko with IPDIVERT by default
> > > > or change IPDIVERT to NOIPDIVERT and build boot kernels with NOIPDIVERT.
> > > > The main goal is to allow to use NAT with stock kernels and ipfw.ko.
> ...
> > AFAIK there is no possibility to add IPPROTO_DIVERT dynamically to
> > inetsw[]. Some fields of 'struct ipq' are under #ifdef IPDIVERT as well.
> > ipfw code under #ifdef IPDIVERT are just `case' labels and strings in printf's
> > (like "ipdivert enabled"). In other words is it really
> > worth splitting ipdivert into separate .ko module? Changing IPDIVERT to
> > NOIPDIVERT will be cleaner in my opinion.
>
> indeed, i believe we should make the main part of IPDIVERT processing
> (in ip_input.c, ip_output.c, ip_fw2.c and ip_var.h) non-optional
> (this would also allow a better realignment of fields in struct ipq)
> and only make the code in ip_divert.c a module
>
That's what I basically meant by "changing lot of ``#ifdef IPDIVERT'' to
``if (IPDIVERT_LOADED)''", too.
Cheers,
--
Ruslan Ermilov Sysadmin and DBA,
ru at sunbay.com Sunbay Software AG,
ru at FreeBSD.org FreeBSD committer,
+380.652.512.251 Simferopol, Ukraine
http://www.FreeBSD.org The Power To Serve
http://www.oracle.com Enabling The Information Age
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-net/attachments/20030430/419f9c67/attachment.bin
More information about the freebsd-net
mailing list