Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 13 Jan 2004 01:11:15 -0800
From:      Luigi Rizzo <>
To:        tom <>
Subject:   Re: ipfw from C code
Message-ID:  <>
In-Reply-To: <>; from on Tue, Jan 13, 2004 at 08:39:40AM -0000
References:  <>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
On Tue, Jan 13, 2004 at 08:39:40AM -0000, tom wrote:
> new
> how do I control ipfw from a proggy ?
> #include <sys/sysctl.h> to start ?
> sorry, I know this might be a basic coding lesson,

i suggest using something like

	system("ipfw add 2345 allow tcp from foo to bar");

the ABI is way too awkward to use it from C (basically it
is microcode if you are using ipfw2, and a large and
overloaded rule descriptor if you are using ipfw1).

In the long term we will have something like

	ipfw_compile(out_buffer, &len, "2345 allow tcp from foo to bar");
	setsockopt(fd, IP_FW_ADD, out_buffer, len); 

and then you can the fork overhead.

> _______________________________________________
> mailing list
> To unsubscribe, send any mail to ""

Want to link to this message? Use this URL: <>