Date: Tue, 04 Oct 2005 09:28:08 +0400 From: "Andrey V. Elsukov" <bu7cher@yandex.ru> To: ipfw@freebsd.org Cc: hackers@freebsd.org Subject: Re: nonprivileged access to ipfw Message-ID: <434212E8.5050001@yandex.ru> In-Reply-To: <433A406B.3000300@yandex.ru> References: <433A406B.3000300@yandex.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
Andrey V. Elsukov wrote: > I want a nonprivileged access to ipfw (without sudo, suid and etc..). > But RAW sockets restrict this. I have an one idea - a pseudo device > /dev/ipfw. I think that realisation of this feature is not > difficult task. Now i have some questions. Thanks for more answers :) I has finished this. But i have one question, how to I should act with a dummynet code? Through a pseudo device /dev/ipfwctl we can control an ipfw state. The access to ipfwctl device can be configured via devfs.conf. User must have a write permissions to /dev/ipfwctl for change ipfw state and a read permissions for read ipfw state. Patch can be found here: http://butcher.heavennet.ru/ipfw_ioctl/ -- WBR, Andrey V. Elsukov
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?434212E8.5050001>