Matt Impett wrote: > Ok.. Modifying the ipfw stuff is where I ended up after looking at this for > a while. I have thought about adding something like the following: > > ipfw add fwd-intf GIF-DEVICE all from SOURCE to any > > The only problem I have seen with this (besides needing to modify the kernel > and the user space ipfw application) was this: Once this rule is matched, > the output routine of the GIF-DEVICE will be called and it will expect a > rtentry structure to be passed. Unfortunately, I won't really have a > correct rtentry structure as I am now forwarding to the device on a firewall > rule instead of a routing table entry. > > However, from looking at the gif code, I don't think it really uses the > rtentry structure anyway, so hopefully I won't break too much by passing a > bogus one. > > Sound reasonable??
Yup, but I'm really too familiar with the routing or ipfw parts of the network stack. Ping Luigi? Lars PS: Minor nit: I'd overload the "fwd" action instead of creating a new one. -- Lars Eggert <[EMAIL PROTECTED]> USC Information Sciences Institute
smime.p7s
Description: S/MIME Cryptographic Signature
