[patch] ipfw packet tagging
Vadim Goncharov
vadimnuclight at tpu.ru
Fri May 12 15:51:19 UTC 2006
12.05.06 в 20:53 Luigi Rizzo в своём письме писал(а):
>> > I've tried Andrey Elsukov's ipfw "tag/tagged" patches from:
>> > http://butcher.heavennet.ru/patches/kernel/ipfw_tags/
>> >
>> > Tested on 5.5-PRERELEASE production server with moderate
>> > load - rock stable [I've also looked through the code - patch
>> > is small, so it simply can't be any bugs there ;)].
>> >
>> > Personally I very like the idea from original Andrey's letter
>>
>> I have tested on 6.1 and works fine too.
>>
>> Hope it gets commited. Very useful for altq/dummynet flexibility too.
>
> i would, however, like to have a bit more documentation in the patch,
> in particular:
>
> - a manpage patch describing how to use the thing, and also the
> behaviour in in odd situations (e.g. what happens when we try to tag
> a packet multiple times ? does the tag survive between the 'input'
> and 'output' path of ipfw for routed packets, etc ?).
A question about features: is it worth adding functionality of matching
range of tags? For example:
ipfw add pass ip from any to any tagged 1-5,10,20
--
WBR, Vadim Goncharov
More information about the freebsd-net
mailing list