On Mon, Apr 19, 2004 at 01:02:31AM -0700, Julian Elischer wrote: > > > On Mon, 19 Apr 2004, Daniel O'Connor wrote: > > > On Mon, 19 Apr 2004 13:09, Brooks Davis wrote: > > > On Mon, Apr 19, 2004 at 12:56:24PM +0930, Daniel O'Connor wrote: > > > > The recent emails about the bridge code from NetBSD made me interested in > > > > using netgraph to run snort on the combined traffic rather than having to > > > > run 2 copies (since we tunnel our class C using gif over IP over > > > > ethernet), however I can't see how to hook netgraph into a non-ethernet > > > > node :( > > > > > > > > Does anyone know if/how you can do it? (Specifically for gif) > > > > > > How about nf_gif(4)? > > > > Hmm, I see the man page, but no module.. Ahh, it doesn't appear to be built by > > default.. > > > > And it's not on my -stable box, guess I should do a manual merge :) > > > > there are some basic differences between netgraph nodes in -current and > in 4.x > check out the differences in a few nodes (e.g. ng_sample.c) > > to see what they are. > > in particular... in 4.x and earlier, the mbuf and metadaa are handled > separatly as arguments to things but in 5.x > they are both held in (well a pointer is in..) a struct item. > > which is passed around... the item structure needs to be freed if you > destroy it and there are macros to extract the mbuf and metadata > from the item. This is because in 5.x we often need to queue teh packet > including metadata and the 'item' is what is queued. > While we're on this topic, I wonder if you have plans to get rid of non-funcional diffs for ng_sample.[ch] between RELENG_4 and HEAD? If not, I could do it, and send you a patch (for RELENG_4) for review.
Cheers, -- Ruslan Ermilov [EMAIL PROTECTED] FreeBSD committer
pgp00000.pgp
Description: PGP signature
