ipfilter and ipfw order.
Vlad GALU
vladgalu at gmail.com
Fri Jun 24 12:29:24 GMT 2005
On 6/24/05, ming fu <fming at borderware.com> wrote:
> Hi,
>
> In the 4.x kernel, ipfilter was hardcoded before ipfw in the ip_input().
> However, in the 5.x kernel, they register themselve to the pfil hook. As
> there isn't a priority number during the hook up, looks like who ever
> register first get to filter the packet first.
>
> In case I want to preserve the 4.x behaviour of ipf before ipfw in the
> input path, how do I reliable achieve that.
Link ipfilter statically inside the kernel. Load ipfw as a module.
>
> Regards,
> Ming
> _______________________________________________
> freebsd-net at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net-unsubscribe at freebsd.org"
>
--
If it's there, and you can see it, it's real.
If it's not there, and you can see it, it's virtual.
If it's there, and you can't see it, it's transparent.
If it's not there, and you can't see it, you erased it.
More information about the freebsd-net
mailing list