[PATCH] ng_tag - new netgraph node,
please test (L7 filtering possibility)
Vadim Goncharov
vadimnuclight at tpu.ru
Mon Jun 12 22:51:51 UTC 2006
13.06.06 @ 01:57 Ulrich Spoerlein wrote:
> Vadim Goncharov wrote:
>> I hope that my explanation was helpful enough to understand :) Also, if
>> you will be using
>> 7.0, include BPF_JITTER in your kernel config as this will enable
>> native code-compiling for
>> bpf and ng_bpf - this will speed things up.
>
> Am I the only one, that thinks BPF_JITTER is a stupid name? It suggest
> you add or enable jitter for the packet flow. No one wants jitter! It
> sucks. Why isn't it called simply BPF_JIT? Everyone knows what JIT
> stands for, JITTER on the other hand is to be avoided.
I also think so, but that is not in my competence. But I, after two days
of discussion, I must say another thing:
WHERE ARE TESTERS ?!
You all are wanting this node to be included into FreeBSD src tree, so
that it will be available in standard distribution. But before this code
should be tested and bugs fixed, if any. And I don't yet see any success
stories / bug reports !
>> P.S. Here is quick-and-dirty primer how to convert ipp2p functions to
>> ng_bpf(4) input expression for tcpdump(1).
[...]
>> "get_u32 == __constant_htonl()" means comparing 4-byte values at given
>> offset.
>
> Great stuff, this should make it somewhere into /usr/share/examples!
Good idea, but still to be worked for more P2P types examples, and BPF
assembly language explanation, as I suspect some things can't be done but
tcpdump expressions, though still possible on ng_bpf. Unfortunatelly I do
not have much time for this.
--
WBR, Vadim Goncharov
More information about the freebsd-net
mailing list