IPDIVERT
Luigi Rizzo
rizzo at icir.org
Wed Apr 30 00:42:47 PDT 2003
On Wed, Apr 30, 2003 at 02:31:14PM +0700, Max Khon wrote:
> hi, there!
...
> On Tue, Apr 29, 2003 at 11:05:29PM +0300, Ruslan Ermilov wrote:
> > > I have a suggestion to build GENERIC and ipfw.ko with IPDIVERT by default
> > > or change IPDIVERT to NOIPDIVERT and build boot kernels with NOIPDIVERT.
> > > The main goal is to allow to use NAT with stock kernels and ipfw.ko.
...
> AFAIK there is no possibility to add IPPROTO_DIVERT dynamically to
> inetsw[]. Some fields of 'struct ipq' are under #ifdef IPDIVERT as well.
> ipfw code under #ifdef IPDIVERT are just `case' labels and strings in printf's
> (like "ipdivert enabled"). In other words is it really
> worth splitting ipdivert into separate .ko module? Changing IPDIVERT to
> NOIPDIVERT will be cleaner in my opinion.
indeed, i believe we should make the main part of IPDIVERT processing
(in ip_input.c, ip_output.c, ip_fw2.c and ip_var.h) non-optional
(this would also allow a better realignment of fields in struct ipq)
and only make the code in ip_divert.c a module
cheers
luigi
-----------------------------------+-------------------------------------
Luigi RIZZO, luigi at iet.unipi.it . Dip. di Ing. dell'Informazione
http://www.iet.unipi.it/~luigi/ . Universita` di Pisa
TEL/FAX: +39-050-568.533/522 . via Diotisalvi 2, 56122 PISA (Italy)
Mobile +39-347-0373137
-----------------------------------+-------------------------------------
More information about the freebsd-net
mailing list