mvs's vnet(4) diff reminded me of pfsync(4).
This works on my my pair of amd64 firewalls.
Feedback? OK?
Index: if_pfsync.c
===================================================================
RCS file: /cvs/src/sys/net/if_pfsync.c,v
retrieving revision 1.275
diff -u -p -r1.275 if_pfsync.c
--- if_pfsync.c 29 Jul 2020 12:08:15 -0000 1.275
+++ if_pfsync.c 9 Aug 2020 00:52:41 -0000
@@ -253,7 +253,7 @@ void pfsync_update_net_tdb(struct pfsync
int pfsyncoutput(struct ifnet *, struct mbuf *, struct sockaddr *,
struct rtentry *);
int pfsyncioctl(struct ifnet *, u_long, caddr_t);
-void pfsyncstart(struct ifnet *);
+void pfsyncstart(struct ifqueue *);
void pfsync_syncdev_state(void *);
void pfsync_ifdetach(void *);
@@ -339,12 +339,12 @@ pfsync_clone_create(struct if_clone *ifc
ifp->if_softc = sc;
ifp->if_ioctl = pfsyncioctl;
ifp->if_output = pfsyncoutput;
- ifp->if_start = pfsyncstart;
+ ifp->if_qstart = pfsyncstart;
ifp->if_type = IFT_PFSYNC;
ifq_set_maxlen(&ifp->if_snd, IFQ_MAXLEN);
ifp->if_hdrlen = sizeof(struct pfsync_header);
ifp->if_mtu = ETHERMTU;
- ifp->if_xflags = IFXF_CLONED;
+ ifp->if_xflags = IFXF_CLONED | IFXF_MPSAFE;
timeout_set_proc(&sc->sc_tmo, pfsync_timeout, NULL);
timeout_set_proc(&sc->sc_bulk_tmo, pfsync_bulk_update, NULL);
timeout_set_proc(&sc->sc_bulkfail_tmo, pfsync_bulk_fail, NULL);
@@ -418,9 +418,9 @@ pfsync_clone_destroy(struct ifnet *ifp)
* Start output on the pfsync interface.
*/
void
-pfsyncstart(struct ifnet *ifp)
+pfsyncstart(struct ifqueue *ifq)
{
- ifq_purge(&ifp->if_snd);
+ ifq_purge(ifq);
}
void
