Hello, I'm trying to modify the rules generated by ftp-proxy(8), and I'm getting lost in the the various structs in pfvar.h.
I'm trying to express the following PF rule in C. pass in quick route-to ($ext_if $ext_gw) inet proto tcp \ from $server to $client port $port flags S/SAFR keep state I can successfully express almost all of the rule in C code as follows: struct pfioc_rule pfr; pfr.rule.action = PF_PASS; pfr.rule.direction = PF_IN; pfr.rule.quick = 1; /*** How to set route-to (ifname gwy)? ***/ pfr.rule.af = AF_INET; pfr.rule.proto = IPPROTO_TCP; pfr.rule.src.addr = ... pfr.rule.dst.addr = ... pfr.rule.dst.port_op = PF_OP_EQ; pfr.rule.dst.port[0] = htons(d_port) pfr.rule.flags = TH_SYN; pfr.rule.flagset = (TH_SYN|TH_ACK|TH_FIN|TH_RST); pfr.rule.keep_state = 1; But I don't know how to handle the "route-to ($ext_if $ext_gw)" part. Can someone please help me? - Raja
