Ng_dummy, simple netgraph traffic shaping node

JorgeAldoBR

I dont know whats the bug in the kernel that makes pf redirects break the dummynet code.

But, anyone tried this "dummynet like" alternative ?

http://www.tel.fer.hr/zec/BSD/ng_dummy/index.html

if the bug is in the dummynet code, then maybe this module could work ?

else, if the bug is in netgraph…

sullrich

The bug is in PFIL ordering, not dummynet.

CJSP is aware of the bug and will be introducing a patch to allow reordering of the pfil hooks on input and output.  If someone else has the knowledge to do a patch for this than please do.  Something like:

sysctl net.pfil.ordering.input ="pf,ipfw"
sysctl net.pfil.ordering.output ="ipfw,pf"
..
etc

JorgeAldoBR

While searching for info about this pfil ordering issue, i found the following discussion :

http://readlist.com/lists/freebsd.org/freebsd-net/0/1644.html

is this viable with ipfw and pf ?

sullrich

Yes, basically same problem.

JorgeAldoBR

i am searching now to see if its possible to link pf statically…

the ordering needs to be PF before ipfw ?

ipfw can be linked statically quite easily...

edit: ok, dumb me :P pf can be linked statically...

im downloading pfsense developers edition and i will give it a try...

pf statically and ipfw as a module, lets see if this solves the problem...

edit2: while searching for this bug i found that theres not a lot of people trying to fix this bug, at least thats what i saw on the pf-freebsd list...