kern/80642: [ipfw] [patch] ipfw small patch - new RULE OPTION
Vadim Goncharov
vadim_nuclight at mail.ru
Thu Mar 13 09:21:21 UTC 2008
Hi vwe at FreeBSD.org!
On Wed, 12 Mar 2008 21:00:55 GMT; vwe at FreeBSD.org wrote about 'Re: kern/80642: [ipfw] [patch] ipfw small patch - new RULE OPTION':
> State-Changed-From-To: open->suspended
> State-Changed-By: vwe
> State-Changed-When: Wed Mar 12 20:58:32 UTC 2008
> State-Changed-Why:
> Awaiting maintainer interest.
> This may be useful for one, so we're not just closing this silently.
> http://www.freebsd.org/cgi/query-pr.cgi?pr=80642
Yes, this is useful, but some minor changes are needed, I think. First, rename
it to "bytelimit" or somewhat. Second, allow this to use tablearg and possibly
ability to reference a counter to corresponding dynamic rule, to allow this to
act for a specific IP or connection without need to write many rules. Third,
add packet counter as well. That's all possible with one opcode, though...
--
WBR, Vadim Goncharov. ICQ#166852181 mailto:vadim_nuclight at mail.ru
[Moderator of RU.ANTI-ECOLOGY][FreeBSD][http://antigreen.org][LJ:/nuclight]
More information about the freebsd-ipfw
mailing list