man/orig/ng ipfw
Материал из Xgu.ru
Не указан параметр (1)
NG_IPFW(4)             FreeBSD Kernel Interfaces Manual             NG_IPFW(4)
| Содержание | 
[править] NAME
ng_ipfw -- interface between netgraph and IP firewall
[править] SYNOPSIS
    #include <netinet/ip_var.h>
    #include <netgraph/ng_ipfw.h>
[править] DESCRIPTION
    The ipfw node implements interface between ipfw(4) and netgraph(4) sub-
    systems.
[править] HOOKS
    The ipfw node supports an arbitrary number of hooks, which must be named
    using only numeric characters.
[править] OPERATION
    Once the ng_ipfw module is loaded into the kernel, a single node named
    ipfw is automatically created.  No more ipfw nodes can be created.  Once
    destroyed, the only way to recreate the node is to reload the ng_ipfw
    module.
    Packets can be injected into netgraph(4) using either the netgraph or
    ngtee commands of the ipfw(8) utility.  These commands require a numeric
    cookie to be supplied as an argument.  Packets are sent out of the hook
    whose name equals the cookie value.  If no hook matches, packets are dis-
    carded.  Packets injected via the netgraph command are tagged with struct
    ipfw_rule_ref.  This tag contains information that helps the packet to
    re-enter ipfw(4) processing, should the packet come back from netgraph(4)
    to ipfw(4).
    Packets received by a node from netgraph(4) subsystem must be tagged with
    struct ipfw_rule_ref tag.  Packets re-enter IP firewall processing at the
    next rule.  If no tag is supplied, packets are discarded.
[править] CONTROL MESSAGES
This node type supports only the generic control messages.
[править] SHUTDOWN
    This node shuts down upon receipt of a NGM_SHUTDOWN control message.  Do
    not do this, since the new ipfw node can only be created by reloading the
    ng_ipfw module.
[править] SEE ALSO
ipfw(4) • netgraph(4) • ipfw(8) • mbuf_tags(9)
[править] HISTORY
The ipfw node type was implemented in FreeBSD 6.0.
[править] AUTHORS
The ipfw node was written by Gleb Smirnoff <glebius@FreeBSD.org>.
FreeBSD 9.0 March 2, 2010 FreeBSD 9.0
