ipfw on just inbound and not outbound
hiren panchasara
hiren at strugglingcoder.info
Thu May 21 19:42:28 UTC 2015
Getting back to this now to see if I can avoid ipfw on outgoing packets.
@@ -500,7 +507,7 @@ ipfw_hook(int onoff, int pf)
hook_func = (pf == AF_LINK) ? ipfw_check_frame : ipfw_check_packet;
(void) (onoff ? pfil_add_hook : pfil_remove_hook)
- (hook_func, NULL, PFIL_IN | PFIL_OUT | PFIL_WAITOK, pfh);
+ (hook_func, NULL, PFIL_IN | PFIL_WAITOK, pfh);
return 0;
}
Should this do the right thing? I'll report back once I test this patch.
cheers,
Hiren
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 618 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-ipfw/attachments/20150521/cc05d9fd/attachment.sig>
More information about the freebsd-ipfw
mailing list