On 4/13/06, Travis H. <[EMAIL PROTECTED]> wrote: > Just some suggestions. > 2) Sticky queue assignments. Using tags for many purposes gets klunky.
This has come up on the list a couple times in the past (at least once by myself). Using tags becomes an art when used for this and eventually you realize that you want tags for more than queues, then you start getting into some really really nasty logic (and end up with huge rulesets). The tricky part of this is the "default" behaviour. People expect that if they don't assign a queue, it goes into the default queue. Making queues sticky could change this behaviour. I don't have any good suggestions for this other than another keyword (sticky-queue or such...ick). > 5) Rules symmetric to nat and rdr. I.E., change dst IP on outbound > packets, change src IP on inbound packets. That would be nice, I've certainly found a few instances where I could have used something like this. I may decide to tackle #2 myself at some point - the easiest way to do it is to probably make another rule type other than pass/block and forget about the 'sticky' part as you could at least put the queue rules at the tail of your ruleset then. 'spose I oughta clean up the code I wrote to expose the queues in the state table and submit that diff for review first. --Bill
