diff options
author | luigi <luigi@FreeBSD.org> | 2003-07-15 23:07:34 +0000 |
---|---|---|
committer | luigi <luigi@FreeBSD.org> | 2003-07-15 23:07:34 +0000 |
commit | b907f7d38c39083f86123e6fca202f45f663a114 (patch) | |
tree | 3e2e588d56ec98645fee81b4a82362bc8f73e485 /sys/netinet/ip_fw.h | |
parent | 233167166ccd16e803e1d70287bf3a74c7e79c25 (diff) | |
download | FreeBSD-src-b907f7d38c39083f86123e6fca202f45f663a114.zip FreeBSD-src-b907f7d38c39083f86123e6fca202f45f663a114.tar.gz |
Allow set 31 to be used for rules other than 65535.
Set 31 is still special because rules belonging to it are not deleted
by the "ipfw flush" command, but must be deleted explicitly with
"ipfw delete set 31" or by individual rule numbers.
This implement a flexible form of "persistent rules" which you might
want to have available even after an "ipfw flush".
Note that this change does not violate POLA, because you could not
use set 31 in a ruleset before this change.
sbin/ipfw changes to allow manipulation of set 31 will follow shortly.
Suggested by: Paul Richards
Diffstat (limited to 'sys/netinet/ip_fw.h')
-rw-r--r-- | sys/netinet/ip_fw.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/sys/netinet/ip_fw.h b/sys/netinet/ip_fw.h index e21b873..b0d9e33 100644 --- a/sys/netinet/ip_fw.h +++ b/sys/netinet/ip_fw.h @@ -299,6 +299,7 @@ struct ip_fw { u_int16_t cmd_len; /* # of 32-bit words in cmd */ u_int16_t rulenum; /* rule number */ u_int8_t set; /* rule set (0..31) */ +#define RESVD_SET 31 /* set for default and persistent rules */ u_int8_t _pad; /* padding */ /* These fields are present in all rules. */ |