- User Since
- Sep 26 2019, 9:24 AM (26 w, 2 d)
Thu, Mar 26
Wed, Mar 25
Patch does work with 12-STABLE, too. (removing the NEEDGIANT flag)
Tue, Mar 24
Sat, Mar 21
Fixed spacing for "if (" statements.
Running the whole source through indent(1) would make a much larger patch.
Mon, Mar 16
That would be my approach https://reviews.freebsd.org/differential/diff/69565/
I'd further eliminate the temporary storage "struct sockaddr_storage result", and copy directly from the gai result into the action (with memcpy).
I tried to use the already existing socket infrastructure to change the socket buffer values ...
Sat, Mar 14
Wed, Mar 11
Tue, Mar 10
How about detecting the port separator first? (i.e. repeatly call strpbrk)
Then you can easily distinguish between the cases
- starts with '[' -> numeric IPb6
- contains ':' -> numeric IPv6
- contains no letters -> numeric IPv4
- use gai()
Sat, Mar 7
@melifaro Are your concerns resolved?
@hrs Are your concerns resolved?
@brueffer Are your concerns resolved?
Widen the range of priority classes.
I'm sorry, but I do not see anything functionally connected with the new fib number.
This patch only stores and retrieves the number but does not consider it in its natting process itself.
So the whole fib processing is done in the ipfw ruleset, it has nothing to do with libalias.
What do I miss?
Thu, Mar 5
Updated to revision 358668.
Wed, Mar 4
The man page needs an update, too.
Tue, Mar 3
Sun, Mar 1
Store the current parameters of socket initialization in per socket data structures.
This way control and data sockets are allowed to have different buffer sizes (in theory).
And the buffer size of the socket in question is available for fragmentation handling, even if the sysctl values are changed.
We are going to hard production now.
Any interest in reviewing it?
Updated to revision 358500.
Sat, Feb 29
Fri, Feb 28
There is no implemented use case for count != 1.
Feb 27 2020
Allow the documented version to differ from the real structure. Document only the guaranteed elements.
Using libnetgraph is sufficient, no explicit test for version numbers necessary.
Added two more occurences of direct use of NG_VERSION: libexec/pppoed/pppoed.c usr.sbin/ppp/ether.c
The idea is to allow a split of large messages into smaller ones over size limited links. In kernel this is never necessary.
Feb 26 2020
Change to the correct idiom for enabled state.
Updated to revision 358355.
Updated to revision 358355.
That are the numbers for 400 CPE connecting per line for 12 lines and 900 active clients (dhclient ngethxxx).
Type name Number of living nodes --------- ---------------------- car 452 patch 12 tag 13 one2many 13 bridge 2 bpf 1 tee 13 vlan_rotate 1 vlan 4865 eiface 9600 socket 2
Feb 25 2020
Declare temporary variable as local.
Feb 24 2020
Switch to a more effienct processing of rc.files
Feb 21 2020
Feb 20 2020
Updated to revision 358170.
Feb 19 2020
Feb 18 2020
Feb 17 2020
Feb 16 2020
According to the man page "m_copypacket" makes a read-only version of the packet (by virtually setting some pointers to the same area of memory.
On contrary "m_dup" does copy also the content, so each version can be modified differently afterwards.
rebase to r358008.
Feb 15 2020
Feb 14 2020
Fix a lot of errors.
Renaming the struct and fields.
id numbers are not longer generic ints, but uint16_t.
Document creation of new nat instances in a more readable way.
Alloc memory only if outside of any locks.
Feb 13 2020
Chance to a simple table based approach.
Remove the whole caching framework incl. special opcode extensions.
Keep the table small (dynamically allocated).
Move local managment structures from global into local file.
No need for externally visible tunables anymore, no man page changes.
Not yet fully tested (only module loading/unloading, rule creating, deletion).
If somebody has some spare time to land this, it would be fine.
I do not have any commit rights.
In general, I'm pleased with the renaming from the generic "alias" to "range".
Feb 12 2020
considering routed as a common case, not a special handling
Well, we already allocate 2 such arrays for the rule index, so 512k won't drastically increase the footprint.
Is there anything missing?
Rebase to r357812
Rebase to r357812
As a side node perfomance is gained from collapsing
ipfw -q add 100 divert natd ip from any to any in via wan0 ipfw -q add 1000 divert natd ip from any to any out via wan0
ipfw -q add 100 divert natd ip from any to any via wan0
Feb 11 2020
I'm still not satisfied with the "upper bound", which is inconsistent between "config port range" and "matching port range" in the ipfw rule set. It does not allow to specify the highest port (but this is a minor issue).
@eugen_grosbein.net are your concerns handled?
Thank you. Somebody need to land this.