From owner-freebsd-hackers@FreeBSD.ORG  Wed Jan 14 18:01:45 2009
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
Delivered-To: freebsd-hackers@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 2AF12106564A
	for <freebsd-hackers@freebsd.org>; Wed, 14 Jan 2009 18:01:45 +0000 (UTC)
	(envelope-from freebsd.dev@gmail.com)
Received: from mail-bw0-f20.google.com (mail-bw0-f20.google.com
	[209.85.218.20])
	by mx1.freebsd.org (Postfix) with ESMTP id AB5428FC1B
	for <freebsd-hackers@freebsd.org>; Wed, 14 Jan 2009 18:01:44 +0000 (UTC)
	(envelope-from freebsd.dev@gmail.com)
Received: by bwz13 with SMTP id 13so2304252bwz.19
	for <freebsd-hackers@freebsd.org>; Wed, 14 Jan 2009 10:01:43 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
	h=domainkey-signature:mime-version:received:date:message-id:subject
	:from:to:content-type:content-transfer-encoding;
	bh=7q+Hx+IhJN4LlXH7TlfH9pTyaZyTRaSALUZiBCwd0fw=;
	b=vhzeBv1N7oyI8P3uYDcMF/b94BqkAuzbY9AGdGKuuu8OccWOuAJX70r3gHfvSL5J/Y
	TRrEivo46MId8zh8Ixt/EtcxT9WPFpkv7pJk/f3Q0yepF2vwNmdCBDoXIjdocM8AywHg
	pxATypEK3zvHKcygjwxeKezLhj22rlrpGRp8g=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma;
	h=mime-version:date:message-id:subject:from:to:content-type
	:content-transfer-encoding;
	b=J2QTDgwecLBgDWCtyimY1CDG1gIXYdtiFhdTZq0ke0jZdu7K0t1LGEfzuTIOdiWXIo
	sPcSi1J6R8ciqe0DxKp+sJ8eQhtYlTbhLZ4MpOnCVAJ4TObg+XzmFAS0xTOUVBk/TGbx
	eKNRkoplOlhJY6QPdKPhX0uYeD7Ec7YvVMHzE=
MIME-Version: 1.0
Received: by 10.103.6.18 with SMTP id j18mr192490mui.33.1231954327383; Wed, 14 
	Jan 2009 09:32:07 -0800 (PST)
Date: Wed, 14 Jan 2009 11:32:07 -0600
Message-ID: <50cd4e5f0901140932x5ed9fd09p7ef4fb35095a59a2@mail.gmail.com>
From: Biks N <freebsd.dev@gmail.com>
To: freebsd-hackers@freebsd.org
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Subject: how ipfw firewall is implemented in the kernel
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Technical Discussions relating to FreeBSD
	<freebsd-hackers.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>, 
	<mailto:freebsd-hackers-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Help: <mailto:freebsd-hackers-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
	<mailto:freebsd-hackers-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Jan 2009 18:01:45 -0000

Hi,

Can anyone please help me understand how the IPFW firewall is
implemented in the kernel.

I have created new ACTIONS in ipfw. I have already implemented in the userland.

Now i need to check the IPFW rule list (in ip_input.c and in
ip_output.c) and call a custom routine if there is a match to those
rules.

I would really appreciate if anyone could point me to right direction/reference.

thanks