small tun(4) improvement
Julian Elischer
julian at elischer.org
Thu Oct 14 16:23:52 PDT 2004
Andre Oppermann wrote:
>Julian Elischer wrote:
>
>
>>Andre Oppermann wrote:
>>
>>
>>>P.S. I'm working on making protocols within protocols domains loadable at
>>>least for IPv4.
>>>
>>>
>>>
>>I did some work on this once.. things have got a lot more complicated
>>however with locking..
>>
>>
>
>Actually there are not that many locking problems with the register and
>unregister functions themselfes. It get a little bit more trickier with
>the stuff using these hooks though.
>
>
>
>>>I'm using this to make DIVERT a loadable module.
>>>
>>>
>>>
>>cool.. the trick is to work out how to make it (un)attach to ipfw..
>>
>>
>
>DIVERT sockets in themselfes do not depend on ipfw. You can send out
>packets just fine through a diver socket even when ipfw is missing.
>But you can't get any packets from the kernel unless ipfw puts them
>up to divert. Nothing that prevents other uses or users of divert
>in the end (ng_divert perhaps...).
>
yes I know, that's how we wrote divert.. (to be independent) netgraph
came later..
I guess we would have done divert differently if we had done netgraph
first..
probably would have given ipfw a "hook" command that sent
packets out a netfgaph hook to whatever was attached.. hmm that could
still be really usefull...
a netgraph NAT module anyone?
>
>
>
More information about the freebsd-net
mailing list