Looking for more docs on PfCreateInterface
From: Jeff Fink (jfinkjfink_at_yahoo.com)
Date: 01/05/05
- Next message: asudol: "NetAPI32 NetJoinDomain Errors - Help!"
- Previous message: Arkady Frenkel: "Re: Help! My MAC address seems to spontaneously change."
- Next in thread: Arkady Frenkel: "Re: Looking for more docs on PfCreateInterface"
- Reply: Arkady Frenkel: "Re: Looking for more docs on PfCreateInterface"
- Messages sorted by: [ date ] [ thread ]
Date: Tue, 4 Jan 2005 17:19:42 -0700
I want to create a firewall on my box using PfAddFiltersToInterface. The
API looks pretty straightforward, but there are some issues that I'd like to
learn more about before I start writing code.
My main goal is to add filters to the WAN ips on the server boxes so that I
can control what ips can get to what ports on the box.
1) Are the filter interfaces created via PfCreateInterface persisted on the
system through reboots? Or do I need to construct a service that creates an
interface, adds filters, and then associates with the WAN ips at startup?
2) If the interfaces do persist, how do I get a list of existing interfaces
without modifying the settings? PFCreateInterface says that a non-zero
value in the dwName parameter "is a potentially shared interface."
3) If a new ip gets added to the box, how do I detect this so tha I can bind
my interface to it?
4) When I finally get ready to add my filters, I'm assuming that I can
specify a range of ports by setting the wSrcPort/wSrcPortHighRange values
appropriately.
Thanks for any info,
-Jeff
- Next message: asudol: "NetAPI32 NetJoinDomain Errors - Help!"
- Previous message: Arkady Frenkel: "Re: Help! My MAC address seems to spontaneously change."
- Next in thread: Arkady Frenkel: "Re: Looking for more docs on PfCreateInterface"
- Reply: Arkady Frenkel: "Re: Looking for more docs on PfCreateInterface"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
