New preview patch for ipfw to pfil_hooks conversion
Ian FREISLICH
if at hetzner.co.za
Tue Jun 22 08:29:17 GMT 2004
Andre Oppermann wrote:
> Here is the next preview patch for the ipfw to pfil_hooks conversion:
>
> http://www.nrg4u.com/freebsd/ipfw-pfilhooks-and-more-20040621.diff
>
> This patch significantly cleans up ip_input.c and ip_output.c.
That would be a very a nice thing, but it looks like this breaks
the patch that I submitted (kern/64240) which fixes the acknowledged
problem with 'ipfw tee' accepting packets instead of copying them
to the divert port and then processing the packet according to the
rest of the rule set.
There have been about 5 PRs (most with patches) in the past years
which all claim to fix this problem indicating that here is a need
for a fix. We rely on the fix in kern/64240 to collect traffic
accounting information for billing and statistical purposes. There
hasn't been much interest from the committers in having a look at
this even though the work has already been done.
Now that you're actively working on that part of the source, would
it be possible to take a look? I would also be happy to create a
new patch to fix this problem against ipfw with pfilhooks if that's
what it's going to take to get a fix committed.
Ian
--
Ian Freislich
More information about the freebsd-current
mailing list