extern/sshuttle
1
1
Fork 0
mirror of https://github.com/sshuttle/sshuttle.git synced 2025-04-23 10:49:35 +02:00
Code Issues Packages Projects Releases Wiki Activity

BSD: "ipfw add %d accept ip from any to any established"

Browse Source 
With this rule, we don't interfere with already-established (or incoming)
connections to routes that we're about to take over.  This is what
happens by default in Linux/iptables.
This commit is contained in:
Avery Pennarun 2010-05-07 20:06:26 -04:00
parent 7043195043
commit 680941cb0c
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
firewall.py
View File

@ -115,6 +115,9 @@ def do_ipfw(port, subnets):
if subnets: if subnets:
sysctl_set('net.inet.ip.fw.enable', 1) sysctl_set('net.inet.ip.fw.enable', 1)
sysctl_set('net.inet.ip.forwarding', 1) sysctl_set('net.inet.ip.forwarding', 1)
ipfw('add', sport, 'accept', 'ip',
'from', 'any', 'to', 'any', 'established')
# create new subnet entries # create new subnet entries
for snet,swidth in subnets: for snet,swidth in subnets: