When the changing of firewall rules is doing with use of different ipfw(8) sets, each rules reloading leads to lost of all NAT64LSN states.
This patch adds ability to keep runtime configuration of NAT64 instance. To use this ability, an instance should be configured with swap_conf option. Then new instance should be created in new set with the same configuration, also new rules that use this instance should be in the same set too. So, when ipfw set swap is used, the set of all rules will be changed and also instance will use old runtime config, that keeps all states.
Details
Details
Diff Detail
Diff Detail
- Lint
Lint Passed - Unit
No Test Coverage - Build Status
Buildable 24719 Build 23482: arc lint + arc unit
Event Timeline
sbin/ipfw/ipfw.8 | ||
---|---|---|
3459 | It is actually state, not configuration that is being exchanged :-). What about naming an option as something like 'inheritable' or 'swappable'? | |
sys/netpfil/ipfw/nat64/nat64lsn.c | ||
1517 | Would it be possible to use more descriptive variable? inst / ilsn / whatever? | |
1528 | Would it make sense to store i->cfg pointer in a separate variable to avoid multiple pointer lookups & simplify code? |