[PATCH] PF+dummynet

Peter Jeremy peter.jeremy at alcatel-lucent.com
Mon Aug 22 02:45:43 UTC 2011

[This is fairly old but has recently bubbled to the top of my TODO list]

On 2011-Jul-13 23:35:44 +0800, Ermal Luçi <eri at freebsd.org> wrote:
>I reverted back from having the pipes configured in pfctl because it
>will be a catching game with ipfw.
>To me it seems quite awkward that you cannot use ipfw to do all the
>configuration and
>just use the pipe/queue numbers for sending traffic to it on pfctl.

Whereas, to me it seems awkward that you use pfctl to attach
dummynet flows to pf rules but you can't use pfctl to manage the
dmmmynet configuration.

I have managed to integrate ipfw/dummynet.c into pfctl and it all
seems to work for me - except that flows are not persistent so that
my statistics doesn't work.  I am still working through to see if
this is something I broke or a new "feature".

I hope to forward patches once I'm happy with it.

>To me something that is glued on ipfw should stay there as it will get
>the best support.
>Possibly splitting dummynet configuration out to dnctl might have an argument.

IMHO, it would be a great improvement to separate dummynet from ipfw.

Peter Jeremy
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 196 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-pf/attachments/20110822/fd60e735/attachment.pgp

More information about the freebsd-pf mailing list