On 11/16/11 12:55 AM, Ed Schouten wrote:
* Maxim Ignatenko<[email protected]>, 20111115 21:18:
I'm currently inventing the wheel^W^W^Wwriting a firewall from scratch and
looking for most convenient way to establish communication between userspace
processes and kernel part. Communication pattern best fits to listening
PF_LOCAL socket opened from kernel and userspace processes connecting to it.
What's wrong with a character device?
you can't easily have a different character device depending on which
jail you are in..
(well, you can but it gets tricky).. see the problem with /dev/pflog
and vimages.
Maxim, look at the usage of sockets with netgraph ng_socket node.. also
divert sockets.
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "[email protected]"
