d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
08e77283b7
freebsd-dev/sys/netpfil
History
Kristof Provost bbec8e698b pf: call dummynet directly from the ethernet code 
Until recently dummynet in ethernet rules did not send packets directly
to dummynet but instead marked them and left the interactions with
dummynet to the layer 3 pf code.
This worked fine for incoming packets (where we process ethernet rules
before layer 3 rules), but not for outbound packets (where the order of
operations is the reverse).

Dummynet does support handling layer 2 traffic, so send the packets
directly to dummynet.

The main limitation now is that pf does not inspect layer 4 (i.e.
TCP/UDP) so we don't have protocol information or port numbers. Dummynet
potentially uses this to separate traffic flows, which will not work for
ethernet dummynet rules. However, pipes (i.e. adding latency or
restricting bandwidth) will work exactly as expected.

Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D35257
2022-05-20 14:49:31 +02:00
..
ipfilter/netinet netpfil: Remove a double word in a source code comment 2022-04-09 14:20:09 +02:00
ipfw dummynet: do not store struct ifnet pointers 2022-05-20 14:49:30 +02:00
pf pf: call dummynet directly from the ethernet code 2022-05-20 14:49:31 +02:00