Date: Sat, 18 Dec 2004 17:14:44 +0100 From: Max Laier <max@love2party.net> To: freebsd-pf@freebsd.org Cc: sam wun <sam.wun@authtec.com> Subject: Re: Add new PF rules from C. Message-ID: <200412181714.51674.max@love2party.net> In-Reply-To: <41C3BA23.5070207@authtec.com> References: <41C3B6CE.4080704@authtec.com> <200412180557.00999.max@love2party.net> <41C3BA23.5070207@authtec.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--nextPart9351370.MO4ATsnkBD Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline On Saturday 18 December 2004 06:03, sam wun wrote: > Thanks for the sugestion. I use pfctl -ss found some Established state, > the sample code works great. > I would like to write a C program add rule to PF base on based on user > defined anchor and tables. Where can I find more inforamtion and > guideline about doing that? Look at pfctl(8) (src/contrib/pf/pfctl/...) it's all in there. The code is= =20 quite readable and it should be easy to determine what to hand to the vario= us=20 ioctls. In most of the cases you don't really need to write your own C code= =2E=20 Most of the time it should be sufficient to exec() pfctl(8) and pipe rules = to=20 it. Take a look at the spamd port (mail/spamd) which does just that. You=20 might need a fdescfs(5) in order to drop root privs and use the -p option.= =20 But that should all be obvious from the spamd code. =2D-=20 /"\ Best regards, | mlaier@freebsd.org \ / Max Laier | ICQ #67774661 X http://pf4freebsd.love2party.net/ | mlaier@EFnet / \ ASCII Ribbon Campaign | Against HTML Mail and News --nextPart9351370.MO4ATsnkBD Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (FreeBSD) iD8DBQBBxFd7XyyEoT62BG0RAnWTAJ9rYlpdIwq064560LfPaUguCCkudwCffnd+ sVXG9W37wPKc8arTkAegsqw= =dH3w -----END PGP SIGNATURE----- --nextPart9351370.MO4ATsnkBD--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200412181714.51674.max>