[patch] RFC: allow divert from layer 2 ipfw (e.g. bridge)

Max Laier max at love2party.net
Thu Jul 27 22:06:14 UTC 2006 

On Thursday 27 July 2006 23:46, Julian Elischer wrote:
> Christian S.J. Peron wrote:
> > Max Laier wrote:
> >> On Wednesday 26 July 2006 20:35, Julian Elischer wrote:
> >>> This code is running on quite a few systems but in a very limited
> >>> environment that may not test all possibilities..
> >>>
> >>> Does anyone have comments or suggestions as to changes that I might
> >>> make
> >>> for checkin into generic FreeBSD? It was originally written for 4.x but
> >>> with 6.x in mind.
> >>> It is now running on 6.1 and seems to be ok so far.
> >>>
> >>> Certainly I am interested in hearing from Robert and Luigi and I am
> >>> particularly interested in
> >>> what people think on how this will handle locking/SMP difficulies.
> >>
> >> Instead of putting more special processing to every L2-entry point in
> >> the system, I'd prefer if we could finally get round to L2 pfil
> >> hooks.  That would make it much easier to add such functionality in a
> >> common hook function and use it everywhere.
> >
> > I agree with Max here, I think it's time we look at getting together
> > pfil hooks for layer 2. I would be interested in doing the leg work
> > here if you guys are willing to review it.
>
> The divert code changes are sort-of irrelevant to this discussion.
> it adds an ISR to handle divert input from L2.

I was referring to the changes in bdg_forward() and ether_output_frame() which 
could as well be placed inside a L2-hook inside ip_fw_pfil.c (where they 
belong IMHO).  We went through great length to clean the ip_input/output path 
off the IPFW/DIVERT entanglement.  I don't think we should create the 
same "mess" in L2 now, just to clean it up later.

That said, I'm not opposed against L2 divert or anything.  I just wanted to 
remind everybody about the plan of L2-pfil hooks that we talked about in the 
past.  I would love to see this happen prior the divert changes.

-- 
/"\  Best regards,                      | mlaier at freebsd.org
\ /  Max Laier                          | ICQ #67774661
 X   http://pf4freebsd.love2party.net/  | mlaier at EFnet
/ \  ASCII Ribbon Campaign              | Against HTML Mail and News
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-net/attachments/20060727/b2f43253/attachment.pgp

More information about the freebsd-net mailing list