On Wednesday 14 January 2009 18:32:07 Biks N wrote:
> Hi,
>
> Can anyone please help me understand how the IPFW firewall is
> implemented in the kernel.
>
> I have created new ACTIONS in ipfw. I have already implemented in the
> userland.
>
> Now i need to check the IPFW rule list (in ip_input.c and in
> ip_output.c) and call a custom routine if there is a match to those
> rules.
>
> I would really appreciate if anyone could point me to right
> direction/reference.
ipfw is hooked into the pfil(9) hook points in ip_{in,out}put() (look for
calls to pfil_run_hooks() in the respective files).
From there the call path goes on to the ipfw_check_* functions defined in
netinet/ip_fw_pfil.c
Finally ipfw_chk() in netinet/ip_fw2.c where the ruleset is processed and
where you should add your required processing.
--
/"\ Best regards, | mla...@freebsd.org
\ / Max Laier | ICQ #67774661
X http://pf4freebsd.love2party.net/ | mla...@efnet
/ \ ASCII Ribbon Campaign | Against HTML Mail and News
_______________________________________________
freebsd-hackers@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "freebsd-hackers-unsubscr...@freebsd.org"
