Date: Thu, 13 Jan 2005 23:19:47 +0100 From: Jeremie Le Hen <jeremie@le-hen.org> To: John Pettitt <jpp@cloudview.com> Cc: freebsd-security@freebsd.org Subject: Re: Listening outside ipfw / program interface to ipfw Message-ID: <20050113221947.GC46977@obiwan.tataz.chchile.org> In-Reply-To: <41E6D3EE.5090205@cloudview.com> References: <41E6D3EE.5090205@cloudview.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> Hi, > Two quick questions that I can't seem to find answers for using google. > > 1) is is possible to listen outside an ipfw firewall - that is have > ethereal record the packets before ipfw starts dropping them? If so how? tcpdump(8) uses the bpf(4) device and the latter will always see a packet reaching the box whether a packet filter will drop it or not. > 2) Is there an api to ipfw that will let me manipulate rules, query > stats etc? I need something faster than running the command line binary? Yes, you should look at the ``SEE ALSO'' section in ipfw(8) manual page. ipfirewall(4) is what you are looking for, but looking at ipfw(8) source code might help too. Regards, -- Jeremie Le Hen jeremie@le-hen.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050113221947.GC46977>