Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
Re: Listening outside ipfw / program interface to ipfw
From: Jeremie Le Hen (jeremiele-hen.org)
Date: Thu Jan 13 2005 - 16:19:47 CST
> Two quick questions that I can't seem to find answers for using google.
> 1) is is possible to listen outside an ipfw firewall - that is have
> ethereal record the packets before ipfw starts dropping them? If so how?
tcpdump(8) uses the bpf(4) device and the latter will always see a
packet reaching the box whether a packet filter will drop it or not.
> 2) Is there an api to ipfw that will let me manipulate rules, query
> stats etc? I need something faster than running the command line binary?
Yes, you should look at the ``SEE ALSO'' section in ipfw(8) manual page.
ipfirewall(4) is what you are looking for, but looking at ipfw(8)
source code might help too.
Jeremie Le Hen
freebsd-securityfreebsd.org mailing list
To unsubscribe, send any mail to "freebsd-security-unsubscribefreebsd.org"