Adding firewall rules at runtime...
Adding firewall rules at runtime...
- Subject: Adding firewall rules at runtime...
- From: "Huyler, Christopher M" <email@hidden>
- Date: Thu, 31 Jul 2003 10:39:51 -0400
- Thread-topic: Adding firewall rules at runtime...
I have created a test program which uses setsockopt() to add and delete rules for the ipfw kernel extension. Although the program works as expected, whenever a change is made to the firewall settings from the "Sharing" system preferences panel the rule created by my program is flushed from the table. Obviously starting and stoping the firewall would cause this to happen, but it also occurs when the user turns on a new service such as "Personal File Sharing" for the first time.
Is there a way to prevent this? If not, how can I add a port to the firewall settings without entering it manually?
Here is a snippit of my code to create the rule
">/sbin/ipfw add 02508 allow from any to any <port> in":
struct ip_fw fw;
fw.fw_number = 2508;
fw.version = IP_FW_CURRENT_API_VERSION;
fw.fw_flg = IP_FW_F_ACCEPT|IP_FW_F_IN;
fw.fw_prot = IPPROTO_TCP;
fw.fw_uar.fw_pts[0] = port;
IP_FW_SETNDSTP(&fw,1);
ret = setsockopt(sock, IPPROTO_IP, IP_FW_ADD, &fw, sizeof(ip_fw));
--
Christopher Huyler
Computer Associates
_______________________________________________
cocoa-dev mailing list | email@hidden
Help/Unsubscribe/Archives:
http://www.lists.apple.com/mailman/listinfo/cocoa-dev
Do not post admin requests to the list. They will be ignored.