Date: Wed, 17 Sep 2003 00:06:43 -0600 (MDT)
From: Nick Rogness
To: freebsd-ipfw@freebsd.org
Message-ID: <20030916235808.X92689-100000@skywalker.rogness.net>
Subject: Divert code

Without knowing much about the kernel ipfw divert code, what would it take to make it skip the ipfw divert rule if the app that's listening on that port dies? Besides 'a miracle' or an 'act of god' =)

Some general ideas or thoughts would be nice. The reason I ask is I've added a FreeBSD divert hook into the snort_inline code which reads from a divert socket. If snort_inline dies, the gateway dies (which is understandable) :-(

Thanks for your time.

Nick Rogness
- How many people here have telekinetic powers? Raise my hand.
  -Emo Philips