Policy routing idea (Was: ipfw: Would it be possible to
continue processing rest of rules after match ?)
Luigi Rizzo
rizzo at icir.org
Wed Jun 22 12:33:08 GMT 2005
On Wed, Jun 22, 2005 at 01:40:35PM +0300, Ari Suutari wrote:
> Hi,
>
> Luigi Rizzo wrote:
> > i suggest to implement a new action 'setnexthop' which stores the
> > next hop as an MTAG with the packet (so it is preserved if the
> > packet gets passed to dummynet).
>
> I took a quick look at how ipfw forward has been implemented.
> It seems to use PACKET_TAG_IPFORWARD to store routing info.
> If I would implement "ipfw setnexthop" with a new MTAG it
> would duplicate very much code already present for PACKET_TAG_IPFORWARD.
yes i think you should reuse the tag, just add a new opcode so that
the action is attach the mtag to the mbuf if not there yet
(maybe override its content if you believe you could match multiple rules of
this type) and then continue processing as in a 'count' action.
cheers
luigi
> If I could reuse the same MTAG this would be easier to add, all
> that would be needed is a new opcode for ipfw (or am I missing
> something important ?)
>
> Ari S.
> _______________________________________________
> freebsd-net at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net-unsubscribe at freebsd.org"
More information about the freebsd-net
mailing list