cvs commit: src/sys/modules/ipdivert Makefile
src/sys/netinetin_proto.c ip_divert.c ip_divert.h ip_fw2.c ip_fw_pfil.c
Andre Oppermann
andre at freebsd.org
Tue Oct 19 14:35:27 PDT 2004
Julian Elischer wrote:
>
> Andre Oppermann wrote:
>
> >andre 2004-10-19 21:14:57 UTC
> >
> > FreeBSD src repository
> >
> > Modified files:
> > sys/netinet in_proto.c ip_divert.c ip_divert.h
> > ip_fw2.c ip_fw_pfil.c
> > Added files:
> > sys/modules/ipdivert Makefile
> > Log:
> > Convert IPDIVERT into a loadable module. This makes use of the dynamic loadability
> > of protocols. The call to divert_packet() is done through a function pointer. All
> > semantics of IPDIVERT remain intact. If IPDIVERT is not loaded ipfw will refuse to
> > install divert rules and natd will complain about 'protocol not supported'. Once
> > it is loaded both will work and accept rules and open the divert socket. The module
> > can only be unloaded if no divert sockets are open. It does not close any divert
> > sockets when an unload is requested but will return EBUSY instead.
> >
>
> Can you unload it if there are divert rules?
Yes, but not when natd is still running (because then a socket is open).
> If yes, what happens if a packet is then diverted..?
The same that happens when you have a divert rule but no natd running to
take care of the packets; they are m_free'd.
--
Andre
More information about the cvs-src
mailing list