Thanks, I was going through the kernel side code to see where it might fail, and saw that ioctl's took ipfobj. I just assumed I didn't understand the code and dismissed it. :)
It works great. The only issues I found was that IPFILTER_VERSION, and in_ifname #defines are not well, defined, anywhere in system include files.
The nexk thing I was going to look at was to add a patch for "sticky" to round-robin. But I noticed there is already a sticky flag defined? Is my work there already done?
Sincerely,
Lundy
diff for those that are interested:
108d107 < struct ipfobj obj; 113,121d111 < < // We wrap all ioctl() in ipfobj for future compatibility < memset(&obj, 0, sizeof(obj)); < obj.ipfo_rev = 4010300; // FIXME: find version < obj.ipfo_size = sizeof(l4_nat); < obj.ipfo_ptr = &l4_nat; < obj.ipfo_type = IPFOBJ_IPNAT; < < 161c151 < if (ioctl(nat_fd, SIOCADNAT, &obj) == -1) --- > if (ioctl(nat_fd, SIOCADNAT, &l4_nat) == -1)
Darren Reed wrote:
In IPFilter 4.1, most of the ioctl's that have structures have a wrapping structure - struct ipfobj - that is used to pass them in.
Have a look at samples/proxy.c (it incorrectly passes the wrong thing to the ioctl too.)
Darren
-- Jorgen Lundman | <[EMAIL PROTECTED]> Unix Administrator | +81 (0)3 -5456-2687 ext 1017 (work) Shibuya-ku, Tokyo | +81 (0)90-5578-8500 (cell) Japan | +81 (0)3 -3375-1767 (home)
