Date: Mon, 27 Aug 2001 05:43:36 -0500 From: Bill Fumerola <billf@mu.org> To: John Massier <j_massier@hotmail.com> Cc: freebsd-ipfw@FreeBSD.ORG Subject: Re: setsockopt / ipfirewall example Message-ID: <20010827054336.J2759@elvis.mu.org> In-Reply-To: <F225XLsxpTljBOh8s4K0001280c@hotmail.com>; from j_massier@hotmail.com on Mon, Aug 27, 2001 at 11:48:04AM %2B0200 References: <F225XLsxpTljBOh8s4K0001280c@hotmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Aug 27, 2001 at 11:48:04AM +0200, John Massier wrote: > Hi, I´m a newbie in ipfw and I need urgently (if possible) a simple example > on how to use setsockopt (ipfirewall(4)) to add a rule to IPFIREWALL. For > example, how would it be the way to add the following rule?: > > 7000 allow tcp from 193.10.0.0:255.255.0.0 1021-1023 to any out via lnc0 uid > user_name > > or if someone has a good example that shows every detail of a ipfw rule, > I´ll thank you very much. src/sbin/ipfw.c:add() shows how to contruct a rule and add it. you have to fill a rule structure and then getsockopt(..., IP_FW_ADD, rule, sizeof(rule)); ipfw(4) will copyout the rule back into 'rule'. src/sys/netinet/ip_fw.c:{ip_fw_ctl(),add_entry()} are the backend behind this operation. -- - bill fumerola / fumerola@yahoo-inc.com / billf@FreeBSD.org / billf@mu.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010827054336.J2759>