Listening outside ipfw / program interface to ipfw

Jeremie Le Hen jeremie at le-hen.org
Thu Jan 13 14:19:53 PST 2005


> Hi,
>    Two quick questions that I can't seem to find answers for using google.
> 
> 1) is it possible to listen outside an ipfw firewall - that is have 
> ethereal record the packets before ipfw starts dropping them? If so how?

tcpdump(8) uses the bpf(4) device and the latter will always see a
packet reaching the box whether a packet filter will drop it or not.

> 2) Is there an api to ipfw that will let me manipulate rules, query 
> stats etc?  I need something faster than running the command line binary?

Yes, you should look at the ``SEE ALSO'' section in ipfw(8) manual page.
ipfirewall(4) is what you are looking for, but looking at ipfw(8)
source code might help too.

Regards,
-- 
Jeremie Le Hen
jeremie at le-hen.org

