IPFIREWALL_FORWARD

[Julian Elischer]

n j wrote:
>> A loadable module requires a coherent piece of code to implement the
>> functionality, that can be put into the module. This option
>> scatters tiny snippets of code throughout the exisitng
>> TCP/UDP/IP/ipfw code.
> 
> Is that just a matter of current implementation or is that 'scatter'
> necessary for forward functionality?

it's needed for the functionality.

you need to slightly change the behaviour or the existing stack in 
quite a number of places to handle a forwarded packet.