Page MenuHomeFreeBSD

ipfw: Introduce dnctl
ClosedPublic

Authored by kp on May 26 2021, 9:13 AM.
Tags
None
Referenced Files
Unknown Object (File)
Mon, Nov 11, 5:35 AM
Unknown Object (File)
Thu, Oct 24, 12:18 PM
Unknown Object (File)
Thu, Oct 24, 12:18 PM
Unknown Object (File)
Thu, Oct 24, 12:18 PM
Unknown Object (File)
Thu, Oct 24, 12:05 PM
Unknown Object (File)
Oct 16 2024, 7:53 PM
Unknown Object (File)
Sep 28 2024, 11:34 AM
Unknown Object (File)
Sep 28 2024, 9:22 AM
Subscribers

Details

Summary

Introduce a link the ipfw command, dnctl, for dummynet configuration.
dnctl only handles dummynet configuration, and is part of the effort to
support dummynet in pf.

TODO:

  • man page

MFC after: 2 weeks
Sponsored by: Rubicon Communications, LLC ("Netgate")

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Passed
Unit
No Test Coverage
Build Status
Buildable 39459
Build 36348: arc lint + arc unit

Event Timeline

kp requested review of this revision.May 26 2021, 9:13 AM

For additional context: I'm trying to clear the way for pf to grow dummynet support as well. We can't expect pf users to configure dummynet through ipfw, so this allows us to use a separate tool (which doesn't require ipfw to be loaded) - dnctl - to do so.
Both ipfw and pf can use dnctl (and the ipfw tool will still just work).

There's other ongoing work that'll significantly modify dummynet (though not by me), so I've tried to make this change as small and easy as possible.

Would it be a hard rework to use is_dnctl() instead of is_ipfw()?
The special case is the new link, the default case is ipfw.
Background: If we factor out other parts, too, the current approach is not scalable.

Would it be a hard rework to use is_dnctl() instead of is_ipfw()?
The special case is the new link, the default case is ipfw.
Background: If we factor out other parts, too, the current approach is not scalable.

That should be straightforward enough, I think.

The expectation is that sooner or later we'll end up with a fully separated tool. ae@'s working on major improvements to dummynet, and part of that work also splits off the dummynet configuration into dnctl. That will be a much bigger change to both dummynet and dnctl though. This is the bare minimum to advance on the dummynet-in-pf front.

In D30465#688240, @kp wrote:

Would it be a hard rework to use is_dnctl() instead of is_ipfw()?
The special case is the new link, the default case is ipfw.
Background: If we factor out other parts, too, the current approach is not scalable.

That should be straightforward enough, I think.

It's straightforward to do, but I'm not sure I like it. We end up with a lot of if (! is_dnctl()) checks, and those less clearly express the intent behind the code than is_ipfw().

This revision is now accepted and ready to land.Jun 8 2021, 1:12 PM
This revision was automatically updated to reflect the committed changes.