Reverts all executed rules that this handler knows about.
# File lib/packetthief/impl/ipfw.rb, line 58 def revert return if @active_rules == nil or @active_rules.empty? # @active_rules.each do |rule| args = ['/sbin/ipfw', 'del', 'set', '30'] # args.concat rule.to_ipfw_command unless system(*args) raise "Command #{args.inspect} exited with error code #{$?.inspect}" end # end @active_rules = [] end
Executes a rule and holds onto it for later removal.
# File lib/packetthief/impl/ipfw.rb, line 26 def run(rule) @active_rules ||= [] args = ['/sbin/ipfw', 'add', 'set', '30'] # TODO: make the rule number customizable args.concat rule.to_ipfw_command # Lion claims net.inet.ip.scopedroute is read only. According to: http://pastebin.com/NzAARKVG it is possible to set it at boot time: # /Library/Preferences/SystemConfiguration/com.apple.Boot.plist: # <dict> # <key>Kernel Flags</key> # <string>net.inet.ip.scopedroute=0</string> # </dict> if %rdarwin/ === RUBY_PLATFORM unless system(*%W{/usr/sbin/sysctl -w net.inet.ip.scopedroute=0}) if %rdarwin1[1-9]/ === RUBY_PLATFORM logerror "Failed to set net.inet.ip.scopedroute=0. As of Lion, this is marked read-only after boot. However, you might be able to get IPFW working by setting the sysctl in /Library/Preferences/SystemConfiguration/com.apple.Boot.plist" else raise "Command /usr/sbin/sysctl -w net.inet.ip.scopedroute=0 exited with error code #{$?.inspect}." end end end # run the command unless system(*args) raise "Command #{args.inspect} exited with error code #{$?.inspect}" end @active_rules << rule end