ipfilter and ipfw order.
ming fu
fming at borderware.com
Fri Jun 24 12:23:03 GMT 2005
Hi,
In the 4.x kernel, ipfilter was hardcoded before ipfw in the ip_input().
However, in the 5.x kernel, they register themselve to the pfil hook. As
there isn't a priority number during the hook up, looks like who ever
register first get to filter the packet first.
In case I want to preserve the 4.x behaviour of ipf before ipfw in the
input path, how do I reliable achieve that.
Regards,
Ming
More information about the freebsd-net
mailing list