Jeremie Le Hen wrote:
Wouldn't a more general approach be better. e.g. a way to "tag" a packet
before it is sent to divert and a matching tag-lookup that can do further
action. This would make it very easy to do all kinds of stuff that needs to
know the original address instead of the translated one while avoiding code
duplication.
Having the possibility to tag a packet would be worth indeed. But I
think that Milan wants to bring network stack virtualization in
newer release of FreeBSD IIUC. This would be, IMO, a great improvement
of FreeBSD networking, although I'm pretty sure this would make Netgraph
people react a bit ;-).
why?
I think they are orthogonal.
pf does something along these lines in case you are looking for references.
Would it be possible to share this tag among pf and ipfw ?
Regards,
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
