anish babu wrote:
... I want to clarify one more thing on the project that I am working on - 'Create an in-kernal API for Packet Classes'. Instead of tagging the packets by pf and then converting the tags to tokens, Is it not possible to send the packets matching a particular rule set directly to an output queue? I think it should work fine for queues created by ALTQ but are there any issues with interface drivers?
I think what you're referring to here is "policy based routing", where (for instance),
you do a rule like this with ipfilter: pass in on bge0 to fxp0:1.2.3.4 proto tcp from any to any port = 80...and that bypasses the routing tables (yes) and queues the packet directly on fxp0 (yes.) Now if there are multiple output queues per interface, I'm not sure
how you would address those using the above without some other means to define what those were (is this ALTQ?) Darren