tech-net archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Patch: accept filters for NetBSD



On Jan 29, 12:13am, tls%rek.tjls.com@localhost (Thor Lancelot Simon) wrote:
-- Subject: Re: Patch: accept filters for NetBSD

| On Tue, Jan 29, 2008 at 12:37:25AM +0000, Christos Zoulas wrote:
| > 
| > Looks ok; but it has a coyotepoint include... Is there documentation for
| > it? Also it seems a bit awkward to parse ascii strings in the kernel?
| 
| Whoops.  That include is not necessary.  Do you see a way to retain
| compatibility with the FreeBSD API, allow the addition of further
| filter modules without forcing the recompilation of existing applications,
| and not parse the ASCII string in the kernel?  If so, I'll make the
| appropriate adjustment.

I don't see a way, seeing that we have a precedence of using PLISTs, perhaps
we should not be compatible and use PLISTS [if appropriate] like we do in
other ioctls.

| I have a half-cooked patch for inetd to all specification of an accept
| filter and its argument after the socket type, if the socket type is
| "stream":
| 
| http  stream:http,argument    tcp     .....
| 
| I'll post it when I get a chance to test whether it works as I expect.
| FreeBSD has accept_filter(9) and accf_httpd(9) and accf_dataready(9).
| I will produce an accf_ssl(9) as well, sooner or later, which waits
| to receive a minimum-size SSL record before bothering userspace.  Filters
| for common protocols are pretty easy to write and another one it would be
| neat to have would be SMTP.

Sounds good to me.

christos



Home | Main Index | Thread Index | Old Index