New preview patch for ipfw to pfil_hooks conversion
Maxim Konovalov
maxim at macomnet.ru
Tue Jun 22 08:15:41 GMT 2004
Hi Andre,
On Mon, 21 Jun 2004, 23:36+0200, Andre Oppermann wrote:
> Here is the next preview patch for the ipfw to pfil_hooks conversion:
>
> http://www.nrg4u.com/freebsd/ipfw-pfilhooks-and-more-20040621.diff
>
> This patch significantly cleans up ip_input.c and ip_output.c.
>
> The following is included in this patch:
>
> o Remove all ipfw related cruft from ip_input() and ip_output()
> o New ip_fw_pfil.c file which contains all ipfw/pfil_hooks logic
>
> o ipfw firewalling, divert and dummynet works fine
>
> o ipfw forward is not yet implemented again (comes next)
> o ipfw layer2 is not yet implemented again (comes next)
>
> o ip_reass() is a self-contained function now (external code only relocated)
>
> o All IP Options related functions of ip_input/ip_output are moved into
> their
> own ip_options.[ch] file to have them together in one place
>
> o Some other small work in progress
Is it possible to split that ~100KB patch in a logic chunks? One for
phil_hook, one for ip_pcbopt, one for ip_reass etc. Much easier to
review and commit them later.
> Consider this a FYI. It is very much a WIP at the moment. I want
> to get this into the tree in before 5.3 code freeze.
In fact, our real world tests shown the current -CURRENT comparing to
RELENG_5_2 is in a very bad shape. Is it really worth to commit that
mostly cleanup code before say 6-CURRENT with a chance to
destabilizate -CURRENT a bit more?
--
Maxim Konovalov
More information about the freebsd-net
mailing list