Extending dummynet/ipfw
John Nielsen
lists at jnielsen.net
Mon Sep 27 15:55:45 UTC 2010
On Sep 27, 2010, at 11:20 AM, Paul Joe wrote:
> I have attached a patch which allows to do flow classifications in userland
> (e.g based on url categories, LDAP users)
> and do bandwidth control in kernel(dummynet).
>
> The patch has
>
> a) a setsocketopt, to associate a pipe to the socket.
>
> b) an ipfw option(sockarg) to redirect flows to corresponding pipe.
>
> Moreover, a member uint32_t is added to struct socket to hold the pipe info.
>
> I guess this structure is not part of kernel userland ABI.
>
> Please let me know your comments, which I would be glad to incorporate
This is something I have wished for in the past so I'm glad to see it. I'd love to test it but I'm not sure what to do, especially on the userland side. Could you post a simple ipfw ruleset that uses your patch along with directions or a simple example program for doing the userland classification?
Thanks!
JN
More information about the freebsd-net
mailing list