Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 30 Apr 2003 11:50:36 +0200 (CEST)
From:      Dirk-Willem van Gulik <dirkx@webweaving.org>
To:        freebsd-hackers@freebsd.org
Subject:   ipfw2 interface / examples
Message-ID:  <20030430114317.V2090-100000@foem>

next in thread | raw e-mail | index | archive | help

I am recoding some firewall management code which acts on data on the
application layer (to open ports etc) from ipfw to the new ipfw2. And am
struggling a bit understanding what exactly to pass.

-	Needless to say - a bug in your rule gives one
	a 'Adding rule: Invalid argument' errno; is there
	any way/tool to decode how the IP_FW_ADD struct is
	passed and get some more insight ?

-	Is there a simpler example than ipfw2.c, or an raw docs
	for the getsockopt() api which helps me understand this better.
	In particular the from/to 'O_IN/(!O_IN)' versus the ability
	of ipfw.c to set both IP_FW_F_IN and IP_FW_F_OUT to make
	the rule symetrical around from/to.

Thanks.

Dw



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030430114317.V2090-100000>