Review please: pfil FIRST/LAST

Max Laier max at
Mon Mar 17 12:33:29 UTC 2008

On Monday 17 March 2008 11:29:15 Vadim Goncharov wrote:
> On Sun, 16 Mar 2008 00:05:36 +0100; Max Laier wrote about 'Review 
please: pfil FIRST/LAST':
> > attached is a small diff to allow pfil(9) consumers to force a
> > sticky position on the head/tail of the processing queue.  This
> > can be used to do traffic conditioning kind of tasks w/o
> > disturbing the other filters.  I will need this to implement
> > carp(4) ip based load balancing.  While here I also removed a few
> > paragraphs in BUGS which are no longer true (since we are using
> > rmlocks for pfil(9)).
> >
> > I'd appreciate review of the logic in pfil_list_add - just to make
> > sure I didn't botch it.  Thanks.
> Could it be done a way which will allow user a simple configuration of
> filter plly ordering? E.g. to specify that order must alway be "ipfw,
> then pf".

This is a separate issue.  I had patches once to specify hook order via 
sysctl and will probably revisit this as I like the idea.  For now, 
though, this is not what I'm interested in.

/"\  Best regards,                      | mlaier at
\ /  Max Laier                          | ICQ #67774661
 X  | mlaier at EFnet
/ \  ASCII Ribbon Campaign              | Against HTML Mail and News

More information about the freebsd-hackers mailing list