FreeBSD IPFW add an IP to table

StackOverflow https://stackoverflow.com//questions/12704161

  •  13-12-2019
  •  | 
  •  

Question

I want to add an IP to a table in IPFW from within a C program. I don't want to call system() as this code has to be as efficient as possible. So basically my question is, can somebody explain how does this work? As there is no API that can be used, I'm reviewing the source (to see how the adding is being done), but this is taking longer than expected and if possible, it would be great if someone explains this.

So what I'm trying to do is when I receive a connection from a client, I want to put the IP address of that client in a certain table.

Thanks in advance!

Was it helpful?

Solution 2

OK. So I've found the solution.

There's a struct in ip_fw.h for that - ipfw_table_entry

The code looks something like this:

...
ipfw_table_entry entry;

bzero(&entry, sizeof entry);

entry.addr = inet_addr("192.168.1.0");
entry.tbl = 100;
entry.masklen = 32;

setsockopt(ipfw_socket, IPPROTO_IP, IP_FW_TABLE_ADD, &entry, sizeof entry);

OTHER TIPS

It is not a real answer just an obvious suggestion. Check out the source code of the system with cvsup. Then look for ipfw.c and there you will see what system calls it is using to modify the rules. The ipfw program is a command line tool, so it must be in the userland. It means that you must be able to do what it does. (Although you will have to have super user privileges.)

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top