pf tables locking
Kajetan Staszkiewicz
vegeta at tuxpowered.net
Tue Aug 14 23:54:52 UTC 2018
On Tuesday, 14 August 2018 15:44:52 CEST Ermal Luçi wrote:
> If you really want to spend time on it, the best option is to pull out the
> pool concept used by the rules/nat... and manage it outside of the
> rules/states but in its own module referenced by the former ones.
Do you mean as separate kernel module? Or totally outside of kernel? I was
considering doing this outside of kernel by providing a weighted round-robin
algorithm but that would still require most of the patches as for doing it
within kernel, in order to get counters working for redirection tables and
state counter per table element, which both are missing in kernel now.
> This would allow extensibility and propper reasoning about it.
It might be the late hour but I really don't see how it would be extensible.
Please be more specific.
--
| pozdrawiam / greetings | powered by Debian, FreeBSD and CentOS |
| Kajetan Staszkiewicz | jabber,email: vegeta()tuxpowered net |
| Vegeta | www: http://vegeta.tuxpowered.net |
`------------------------^---------------------------------------'
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.freebsd.org/pipermail/freebsd-pf/attachments/20180815/3c4fa8e6/attachment.sig>
More information about the freebsd-pf
mailing list