pf ioctl programming question
Rajkumar S
rajkumars at gmail.com
Mon Nov 7 05:31:21 PST 2005
Hi,
I am trying to add FreeBSD 6.0 support to snortsam
http://www.snortsam.net/ But before hacking into the actual code I am
currently learning to use pf ioctl, and I am facing a problem.
I created a small test program to test the ioctl interface,

    #include <sys/types.h>
    #include <sys/socket.h>
    #include <sys/ioctl.h>
    #include <net/if.h>
    #include <netinet/in.h>
    #include <net/pfvar.h>
    #include <err.h>
    #include <errno.h>
    #include <fcntl.h>
    #include <stdio.h>
    #include <stdlib.h>
    #include <string.h>     /* strncpy, strerror */
    #include <strings.h>    /* bzero */
    #include <unistd.h>     /* close */

    int
    main(int argc, char *argv[])
    {
        struct pfioc_rule rule;
        int pfdev;

        /* Open the pf control device. */
        pfdev = open("/dev/pf", O_RDWR);
        if (pfdev == -1)
            err(1, "open(\"/dev/pf\") failed");

        bzero(&rule, sizeof(struct pfioc_rule));
        strncpy(rule.rule.ifname, "rl0", IFNAMSIZ);
        strncpy(rule.anchor, "testanchor", PF_ANCHOR_NAME_SIZE-1);

        /* Request a ticket for the anchor; this is the call that fails. */
        rule.action = PF_CHANGE_GET_TICKET;
        if (ioctl(pfdev, DIOCCHANGERULE, &rule) < 0)
        {
            printf("Error: DIOCCHANGERULE %s.\n", strerror(errno));
            close(pfdev);
            return 255;
        }

        close(pfdev);
        return 0;
    }

This is basically as simple as it could be, and when I run it I get the error:
Error: DIOCCHANGERULE Invalid argument.
Looking through the google*, I found that the problem is that I did
not init the ruleset along with anchor. But from the docs or man pages
I could not find out how I can init the ruleset.
Can someone point me towards the right direction?
with warm regards,
raj
*: http://62.65.145.30/pf/msg03157.html