On Mon, Oct 4, 2010 at 2:02 PM, Brandon Gooch <jamesbrandongo...@gmail.com> wrote: > On Mon, Oct 4, 2010 at 9:44 AM, Eduardo Meyer <dudu.me...@gmail.com> wrote: >> Hello, >> >> In the past I have used this patch by Luigi Rizzo, which helped me well. >> >> http://lists.freebsd.org/pipermail/freebsd-ipfw/2003-September/000526.html >> >> I tried with a friend to port it to -STABLE, but we were not able to >> find out what has replaced mt_tag. Also on ip_input.c we dirty hacked >> to following piece of code: >> >> #ifdef IPFIREWALL_FORWARD >> if (m->m_flags & M_FASTFWD_OURS) { >> m->m_flags &= ~M_FASTFWD_OURS; >> goto pass; /* XXX was 'ours' - SHOULD WE MODIFY IT HERE */ >> } >> if ((dchg = (m_tag_find(m, PACKET_TAG_IPFORWARD, NULL) != NULL)) != >> 0) { >> /* >> * Directly ship the packet on. This allows forwarding >> * packets originally destined to us to some other directly >> * connected host. >> */ >> ip_forward(m, dchg); >> return; >> } >> #endif /* IPFIREWALL_FORWARD */ >> >> And this is something we are not sure if its correct. >> >> So my very obvious question is: >> >> Does anyone has a recent version of this patch to share? >> >> Can anyone familiar with ipfw source code help me with that? >> > > I'm certainly not an expert, but I wonder if the patch your referring > to is still required? Can you provide more detail about your > particular application? > > -Brandon
Yes, its still required since ipfw fwd ignores layer2 frames. The application is the very same: squid. I mean, Lusca in fact (squid fork). Thank you for your interest. -- =========== Eduardo Meyer pessoal: dudu.me...@gmail.com profissional: ddm.farmac...@saude.gov.br _______________________________________________ freebsd-ipfw@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw To unsubscribe, send any mail to "freebsd-ipfw-unsubscr...@freebsd.org"