tech-net: Re: Changing packet input processing paths

Subject: Re: Changing packet input processing paths
To: None <tech-net@NetBSD.org>
From: Matthias Scheler <tron@zhadum.org.uk>
List: tech-net
Date: 08/27/2007 17:52:51

On Mon, Aug 27, 2007 at 04:37:46AM +0200, Darren Reed wrote:
> Should IPFilter just put them on the relevant packet queue
> for v4/v6 (for inbound/outbound) and filter it a second time?

Yes, probably.

That allows seperating NPT (network protocol translation) and
firewall rules.

	Kind regards

-- 
Matthias Scheler                                  http://zhadum.org.uk/