> Wouldn't a more general approach be better. e.g. a way to "tag" a packet > before it is sent to divert and a matching tag-lookup that can do further > action. This would make it very easy to do all kinds of stuff that needs to > know the original address instead of the translated one while avoiding code > duplication.
Having the possibility to tag a packet would be worth indeed. But I think that Milan wants to bring network stack virtualization in newer release of FreeBSD IIUC. This would be, IMO, a great improvement of FreeBSD networking, although I'm pretty sure this would make Netgraph people react a bit ;-). > pf does something along these lines in case you are looking for references. Would it be possible to share this tag among pf and ipfw ? Regards, -- Jeremie Le Hen < jeremie at le-hen dot org >< ttz at chchile dot org > _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[EMAIL PROTECTED]"
