2009/1/8 Julian Elischer <jul...@elischer.org>: > I see you always call ether_demux when a packet is moved up..
s/you/you/ :) This is all your stuff IIRC, I just ported and commented as required. > hopefully that will also work if an interface is NOT ethernet? this is why i left the ethernet bridge interception stuff out in a seperate diff. I'll commit it only once I've spoken to bridge-cluey people and have their blessing. > hey I know I originally wrote this but it's been a while and > I must say I was following tracks made by others, and we > are using aonly a subset of possible hardware... Well, its entirely possible this stuff will be deployed in two scenarios: * where its all done at the IP layer, eg policy routing, IPFW * where its being done as part of a transparent ethernet bridge > FYI we will probably switch to a single netgraph node that > does bridging and filtering combined in 7.x :-) That'd certainly be nicer. ;) About the only thing I'm looking to add to this later on is to flesh out IPv6 source address spoofing too, just in case V6 catches on. Adrian _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
