[PATCH] 802.1p priority (fixed)

[Jeremie Le Hen]

> 2. Mark 802.1p at PF/IPFW level. But we shold foresee a keyword to trust 
> application level information or override it. For example
> ipfw add 802.1p trust 6 on any to any ssh <-- this trust application 
> level information and set 802.1p to 6 if it is omitted
> ipfw add 802.1p override 6 on any to any ssh <-- this silently set 
> 802.1p == 6, regardless of application

I'm not a 802.1q guru, but I think it would be relevant to be able to
match against the 802.1p, at least when firewalling on layer 2 (bridging).

Furthermore I would like to point out that we are going to introduce an
extremely new feature into ipfw which will allow us to *modify* a packet.
AFAIK, this is not possible for the moment, except when diverting to a
socket.  What I mean is that if I can set the 802.1p header then why
wouldn't I be able to set the TOS value ?  I think we should carefully
choose a flexible way to extend ipfw syntax if we choose to go this way.

Having the possibility to test and set the 802.1p or TOS values
separately would avoid making a "trust"/"override" subtlety and will
obviously make it more flexible.

> 3. Mark 802.1p at vlan drivers like 2
> ifconfig vlan0
> 	vlan: 100 802.1p: 6 CFI: 0 mode: trust vlandev: bge0
> Here we are trusting received from low level information and set 6 if it 
> is omitted
> ifconfig vlan0
> 	vlan: 100 802.1p: 6 CFI: 0 mode: override vlandev: bge0
> Here we silently set 6.

I would really like this feature.

Thanks for you work !
Best regards,
-- 
Jeremie Le Hen
jeremie at le-hen.org