Subject: Re: Extending pfil for IPv6
To: None <>
From: Darren Reed <>
List: tech-net
Date: 10/25/1999 22:33:52
In some email I received from, sie wrote:
> >At present, the PFIL_HOOK code is somewhat confined to the ipv4 protocol.
> 	netinet/{ip_fil.c,fil.c} is very IPv4 dependent.  Have you decided
> 	to tackle it?

Yes.  I am *not* attempting to do NAT for IPv6 (yet at least), just

> 	I believe using bpfilter (for packet capturing specification) is
> 	extensible and looks nice.  Userland configuration program would
> 	compile a BPF expression into BPF bytecode, and passes it down to
> 	the kernel as filtering expression.  BSDI4 is doing this.
> 	I would like to explore this direction but have no time for this yet...

I've had plans for that for some time.  When I get around to rewriting
some of the internals of ipfilter.  Mean time, hacks go in.  At the moment
not even hacks would work as hooks need to be placed properly..