Linux ipfw sysctl equivalents

Fri Dec 7 10:14:59 UTC 2012

On Thu, Dec 06, 2012 at 10:03:00AM -0500, Finlayson, James wrote:
> Hi,
> I'm trying to build a dummynet box on linux (Centos 6.3).   I have a bridge created that properly forwards packets, however I cannot seem to alter their behavior with ipfw pipes.  I've used dummynet on FreeBSD without issue, but I can't seem to find a Linux equivalent to the following two sysctl commands that will allow me to send bridged packets through ipfw.
> 
>      net.link.ether.ipfw: 0
>              Controls whether layer-2 packets are passed to ipfw.  Default is
>              no.
> 
>      net.link.bridge.ipfw: 0
>              Controls whether bridged packets are passed to ipfw.  Default is
>              no.

there is no equivalent, the dummynet version on linux only works
at layer3 (attached to the pfilter hooks). Probably it can be
made to work at a lower layer but i am not sure how.

Other FreeBSD sysctl are remapped to /sys/module/ipfw_mod/parameters/*
and accessible with regular filesystem read/write calls

cheers
luigi