| |
fwall_add_rule() --> fwall_insert_rule() | |
fwall_chk_rule() --> fwall_check_rule() | |
fwall_rm_rule() --> fwall_delete_rule() | |
| |
RULES() | |
WALKRULE() | |
COMPARE_ADDR() | |
fwall_4.tar
# make
/usr/local/bin/gcc -g -D_KERNEL -c -m64 fwall.c
/usr/ucb/ld -dn -r fwall.o -o fwall
/usr/local/bin/gcc -g -lnsl fwalladm.c -o fwalladm
# make install
/bin/cp fwall /kernel/strmod/sparcv9/fwall
/bin/cp fwalladm /usr/local/bin/fwalladm
/bin/cp fwallcntl /usr/local/bin/fwallcntl
# /usr/local/bin/fwallcntl start
add rule <source address> <destination address> <action>
insert rule <rule number> <source address> <destination address> <action>
delete rule <rule number>
list rule
add interface <interface>
delete interface <interface>
list interface
# /usr/local/bin/fwalladm
>
# /usr/local/bin/fwalladm
> add rule 10.0.0.1 10.0.0.2 ALLOW
> add rule 10.0.0.1 10.0.0.3 ALLOW
> add rule 0 0 DENY
# /usr/local/bin/fwalladm
> list rule
Rule 0: 10.0.0.1 -> 10.0.0.2 ALLOW
Rule 1: 10.0.0.1 -> 10.0.0.3 ALLOW
Rule 2: 0.0.0.0 -> 0.0.0.0 DENY
# /usr/local/bin/fwalladm
> insert rule 2 10.0.0.1 10.0.0.4 ALLOW
> list rule
Rule 0: 10.0.0.1 -> 10.0.0.2 ALLOW
Rule 1: 10.0.0.1 -> 10.0.0.3 ALLOW
Rule 2: 10.0.0.1 -> 10.0.0.4 ALLOW
Rule 3: 0.0.0.0 -> 0.0.0.0 DENY
# /usr/local/bin/fwalladm
> delete rule 0
> list rule
Rule 0: 10.0.0.1 -> 10.0.0.3 ALLOW
Rule 1: 10.0.0.1 -> 10.0.0.4 ALLOW
Rule 2: 0.0.0.0 -> 0.0.0.0 DENY
# /usr/local/bin/fwalladm
> add interface hme0
> list interface
hme
le
> delete interface hme0
> list interface
le
# /usr/local/bin/fwallcntl stop
# make uninstall
/usr/local/bin/fwallcntl stop
fwall module removed from all interface
fwall module successfully unloaded
/bin/rm /kernel/strmod/sparcv9/fwall
/bin/rm /usr/local/bin/fwalladm
/bin/rm /usr/local/bin/fwallcntl
# make -f Makefile32
# make -f Makefile32 install
# make -f Makefile32 uninstall