Date: Tue, 13 Jan 2004 01:11:15 -0800 From: Luigi Rizzo <rizzo@icir.org> To: tom <default@tom-mchugh.demon.co.uk> Cc: freebsd-ipfw@freebsd.org Subject: Re: ipfw from C code Message-ID: <20040113011115.A29198@xorpc.icir.org> In-Reply-To: <E1AgK56-0007es-0V@anchor-post-31.mail.demon.net>; from default@tom-mchugh.demon.co.uk on Tue, Jan 13, 2004 at 08:39:40AM -0000 References: <E1AgK56-0007es-0V@anchor-post-31.mail.demon.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Jan 13, 2004 at 08:39:40AM -0000, tom wrote:
> new
> how do I control ipfw from a proggy ?
> #include <sys/sysctl.h> to start ?
> sorry, I know this might be a basic coding lesson,
i suggest using something like
system("ipfw add 2345 allow tcp from foo to bar");
the ABI is way too awkward to use it from C (basically it
is microcode if you are using ipfw2, and a large and
overloaded rule descriptor if you are using ipfw1).
In the long term we will have something like
ipfw_compile(out_buffer, &len, "2345 allow tcp from foo to bar");
setsockopt(fd, IP_FW_ADD, out_buffer, len);
and then you can the fork overhead.
cheers
luigi
>
> _______________________________________________
> freebsd-ipfw@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
> To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040113011115.A29198>