Changeset View
Changeset View
Standalone View
Standalone View
sbin/ipfw/ipfw.8
Context not available. | |||||
rule which matches the first fragment of the packet. | rule which matches the first fragment of the packet. | ||||
.Pp | .Pp | ||||
Packets diverted to userland, and then reinserted by a userland process | Packets diverted to userland, and then reinserted by a userland process | ||||
may lose various packet attributes. | may lose various packet attributes and tags. | ||||
The packet source interface name | An application using a divert socket should reuse the received sockaddr struct | ||||
will be preserved if it is shorter than 8 bytes and the userland process | |||||
saves and reuses the sockaddr_in | |||||
(as does | (as does | ||||
.Xr natd 8 ) ; | .Xr natd 8 ) | ||||
otherwise, it may be lost. | to make sure the packet's direction and FIB will preserved. | ||||
If a packet is reinserted in this manner, later rules may be incorrectly | Otherwise later rules may be incorrectly applied, making the location of | ||||
applied, making the order of | |||||
.Cm divert | .Cm divert | ||||
rules in the rule sequence very important. | rules in the rule sequence very important. | ||||
.Pp | .Pp | ||||
Context not available. |