Very well, but why do we need Netgraph, and why should we care? Because some user-space applications rely on the Netgraph facility, such as the mpd tool often used for PPTP connections or the Netgraph ATM implementation. Individual node types form kernel modules and are loaded automatically if they are not compiled into the kernel. Example B-1 presents the Netgraph kernel configuration options for various device-independent node types.
# netgraph(4). Enable the base Netgraph code with the NETGRAPH option. # Individual node types can be enabled with the corresponding option # listed below; however, this is not strictly necessary because netgraph # will automatically load the corresponding KLD module if the node type # is not already compiled into the kernel. Each type below has a # corresponding man page; e.g., ng_async(8). options NETGRAPH #netgraph(4) system options NETGRAPH_ASYNC options NETGRAPH_BPF options NETGRAPH_CISCO options NETGRAPH_ECHO options NETGRAPH_ETHER options NETGRAPH_FRAME_RELAY options NETGRAPH_HOLE options NETGRAPH_IFACE options NETGRAPH_KSOCKET options NETGRAPH_L2TP options NETGRAPH_LMI # MPPC compression requires proprietary files (not included) #options NETGRAPH_MPPC_COMPRESSION options NETGRAPH_MPPC_ENCRYPTION options NETGRAPH_ONE2MANY options NETGRAPH_PPP options NETGRAPH_PPPOE options NETGRAPH_PPTPGRE options NETGRAPH_RFC1490 options NETGRAPH_SOCKET options NETGRAPH_TEE options NETGRAPH_TTY options NETGRAPH_UI options NETGRAPH_VJC
Netgraph consists of kernel code and hooks, a user library for using the socket node, and the two command-line utilities?nghook(8) and ngctl(8)?that allow interaction with the kernel Netgraph system. For a thorough discussion of these tools and implementation details, turn to Archie Cobbs's excellent article on DaemonNews (http://www.daemonnews.org/200003/netgraph.html), which forms the authoritative guide to the Netgraph facility; also check the relevant manual pages.