ipfw2 interface / examples
Dirk-Willem van Gulik
dirkx at webweaving.org
Wed Apr 30 02:50:44 PDT 2003
I am recoding some firewall management code which acts on data on the
application layer (to open ports etc) from ipfw to the new ipfw2. And am
struggling a bit understanding what exactly to pass.
- Needless to say - a bug in your rule gives one
a 'Adding rule: Invalid argument' errno; is there
any way/tool to decode how the IP_FW_ADD struct is
passed and get some more insight ?
- Is there a simpler example than ipfw2.c, or an raw docs
for the getsockopt() api which helps me understand this better.
In particular the from/to 'O_IN/(!O_IN)' versus the ability
of ipfw.c to set both IP_FW_F_IN and IP_FW_F_OUT to make
the rule symetrical around from/to.
More information about the freebsd-hackers