PATCH: AGAIN, Add creation time to dynamic firewall rules
Bjoern A. Zeeb
bzeeb-lists at lists.zabbadoz.net
Wed Dec 29 00:35:10 PST 2004
On Wed, 29 Dec 2004, David Schwartz wrote:
>
> I submitted this email and patch about a month ago. I received a few "this
> is a good idea" type replies. I'd like to see it committed to current.
....
> > --- ip_fw.h 1.89.2.2 2004/10/03 17:04:40
> > +++ ip_fw.h Fri Nov 26 18:51:15 2004
> > @@ -353,6 +353,7 @@ struct _ipfw_dyn_rule {
> > u_int64_t bcnt; /* byte match counter */
> > struct ipfw_flow_id id; /* (masked) flow id */
> > u_int32_t expire; /* expire time */
> > + u_int32_t created; /* creation time */
> > u_int32_t bucket; /* which bucket in hash table */
> > u_int32_t state; /* state of this rule (typically a
*hmm* on sparc times are already 64bit. Does that matter?
--
Bjoern A. Zeeb bzeeb at Zabbadoz dot NeT
More information about the freebsd-ipfw
mailing list