Jachym Holecek wrote:
> I was looking for a mechanism of notifying userland about a change of
> firewalling rules, for needs of hardware assisted packet filtering (see
> openrouter.net). As I didn't find anything in IPF man pages, and bearing in
> mind IP filtering is (in theory) not the only one out there, I was thinking
> about similar interface to the one provided by the PF_ROUTE socket, eg.
> something like PF_FILTER delivering firewall table changes upon read().

Or perhaps a new type of kevent? 

Jaromir
-- 
Jaromir Dolecek <jdolecek@NetBSD.org>            http://www.NetBSD.org/
-=- We should be mindful of the potential goal, but as the tantric    -=-
-=- Buddhist masters say, ``You may notice during meditation that you -=-
-=- sometimes levitate or glow.   Do not let this distract you.''     -=-