Re: [lwip-devel] Packet processing stack hooks

[James G. Smith]

On 30/01/2025 09:28, Bogad, Katharina wrote:
> ...
> > Question: why not leave LWIP_HOOK_IP4_INPUT as it is and
> > just add LWIP_HOOK_IP4_PREROUTING and your other hooks?
> > Just issue a warning saying not to use it if you use firewall code.
> > I think it's a good idea to leave existing code functioning as before.
>
> My most glaring problem with the current placement of the hook is 
> that is simply in the wrong place in the processing stack. Compared 
> to other IP stacks, input always means "packets destined for local 
> processing only". The current placement leads to a situation where
> the input hook receives more packets than I would expect. Maybe I am
> alone in this feeling; and I don't know the development history
> here, but I if I had to guess I'd suspect that the hook was there
> before forwarding was a thing.

This is purely a naming issue, and in my opinion (like Eric) for 
backwards compatibility it should remain as-is.

You may believe, With hindsight, that the name choice may not be the 
best; but why create diffs and merge heartache when we are not talking 
about a bug-fix or functionality change. It exists just now at the start 
of the ip4_input() path and can continue to live there.

Your new code (as well as being configurable by a lwipopts.h manifest) 
could easily use a new HOOK name, and if you need it can be documented 
for the new hooks that LWIP_HOOK_IP4_INPUT is a misnomer re. firewall 
functionality in that it is a unprocessed packet hook and is not 
needed/enabled for your firewall support.

If you really "need" to see the word INPUT in the hook name then maybe 
LWIP_HOOK_IP4_PREROUTING_INPUT :-)

There is no **need** to move/rename LWIP_HOOK_IP4_INPUT.

In your firewall configured world the existing hook would just not be 
enabled/used.

Just my tuppence worth.
Cheers,
-- Jamie