ipfw divert with layer2 (if_bridge) packets
Luigi Rizzo
rizzo at icir.org
Wed May 10 06:15:06 UTC 2006
On Wed, May 10, 2006 at 10:07:10AM +0400, Andrey V. Elsukov wrote:
> Julian Elischer wrote:
> > I have changes that make it work in 4.x but they will not apply to 5.x
> > or later..
> > Luigi also has some changes that allow it..
>
> I can try porting an older patches which allow this.
> Is there a chance for including this feature into base system?
sorry if i missed the earlier part of the thread...
the earlier patches i posted (for 4.x) had a race problem because L2
packets would be processed with the wrong spl mask leading to
possible corruption in the socket buffer.
A fix for that involves sending divert packets to the ipintrq
so they could be reprocessed with the correct masks.
Probably 6.x does not have the same problem as the locking there
is different. So in that case it might just be a case of adapting
the patch to compile.
cheers
luigi
More information about the freebsd-net
mailing list