tech-net archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Patch: accept filters for NetBSD



On Tue, Jan 29, 2008 at 12:37:25AM +0000, Christos Zoulas wrote:
> 
> Looks ok; but it has a coyotepoint include... Is there documentation for
> it? Also it seems a bit awkward to parse ascii strings in the kernel?

Whoops.  That include is not necessary.  Do you see a way to retain
compatibility with the FreeBSD API, allow the addition of further
filter modules without forcing the recompilation of existing applications,
and not parse the ASCII string in the kernel?  If so, I'll make the
appropriate adjustment.

I have a half-cooked patch for inetd to all specification of an accept
filter and its argument after the socket type, if the socket type is
"stream":

http    stream:http,argument    tcp     .....

I'll post it when I get a chance to test whether it works as I expect.
FreeBSD has accept_filter(9) and accf_httpd(9) and accf_dataready(9).
I will produce an accf_ssl(9) as well, sooner or later, which waits
to receive a minimum-size SSL record before bothering userspace.  Filters
for common protocols are pretty easy to write and another one it would be
neat to have would be SMTP.

Thor



Home | Main Index | Thread Index | Old Index