Bruce M. Simpson wrote:
Christian S.J. Peron wrote:
I can't think of a reason why a user would wish to supply any
multicast socket options to a divert socket, other than the 'small'
ones, i.e. IP_MULTICAST_TTL/IF/LOOP/VIF.
Why would these options ever be set on the divert socket itself though?
To me it would make sense if these options were set on the network
socket that originally sent the multicast packet itself.
They shouldn't be necessary, however I can foresee situations where
someone might well want to redirect multicast datagrams traversing an
IPPROTO_DIVERT socket, by using these socket options. [Recall that
FreeBSD's IPv4 stack currently uses the destination address as the sole
primary key for lookups in the forwarding information base's radix trie.]
This is however very unlikely, so my last suggestion, that multicast
options be deprecated or forbidden for IPPROTO_DIVERT sockets, stands.
Originally we wanted a way to be able to inject any kind of
ip packet that could be generated, because the aim was to
allow a user agent to do arbitrary processing on packets. however
to be really correct, a divert injection should occur at teh position of the
firewall
where diversion occurs but there is no way to do that and anyhow they need
to get some of the internal state added to them before they get there, so
puting them in via ip_output seemed the way to go.
I've never had much to do with multicast, so I'm not sure if it makes sense
to inject there, but if you wanted to divert multicast packets
and change them slightly, and then reinject them, it would be a blow
to discover that you couldn't.
Kind regards
BMS
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
