npf.h revision 1.40
      1   1.1     rmind /*-
      2  1.36     rmind  * Copyright (c) 2011-2019 The NetBSD Foundation, Inc.
      3   1.1     rmind  * All rights reserved.
      4   1.1     rmind  *
      5   1.1     rmind  * This material is based upon work partially supported by The
      6   1.1     rmind  * NetBSD Foundation under a contract with Mindaugas Rasiukevicius.
      7   1.1     rmind  *
      8   1.1     rmind  * Redistribution and use in source and binary forms, with or without
      9   1.1     rmind  * modification, are permitted provided that the following conditions
     10   1.1     rmind  * are met:
     11   1.1     rmind  * 1. Redistributions of source code must retain the above copyright
     12   1.1     rmind  *    notice, this list of conditions and the following disclaimer.
     13   1.1     rmind  * 2. Redistributions in binary form must reproduce the above copyright
     14   1.1     rmind  *    notice, this list of conditions and the following disclaimer in the
     15   1.1     rmind  *    documentation and/or other materials provided with the distribution.
     16   1.1     rmind  *
     17   1.1     rmind  * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
     18   1.1     rmind  * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
     19   1.1     rmind  * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
     20   1.1     rmind  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
     21   1.1     rmind  * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
     22   1.1     rmind  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
     23   1.1     rmind  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
     24   1.1     rmind  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
     25   1.1     rmind  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
     26   1.1     rmind  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
     27   1.1     rmind  * POSSIBILITY OF SUCH DAMAGE.
     28   1.1     rmind  */
     29   1.1     rmind 
     30   1.1     rmind #ifndef _NPF_LIB_H_
     31   1.1     rmind #define _NPF_LIB_H_
     32   1.1     rmind 
     33   1.1     rmind #include <sys/types.h>
     34   1.1     rmind #include <net/npf.h>
     35   1.1     rmind 
     36   1.1     rmind __BEGIN_DECLS
      37   1.1     rmind 
                         /*
                          * Opaque handle types.  The structures are only forward-declared in
                          * this header, so callers hold pointers and never see the layout.
                          */
      38   1.1     rmind struct nl_config;
      39   1.1     rmind struct nl_rule;
      40   1.1     rmind struct nl_rproc;
      41   1.1     rmind struct nl_table;
      42  1.13     rmind struct nl_ext;
      43   1.1     rmind 
      44   1.1     rmind typedef struct nl_config	nl_config_t;
      45   1.1     rmind typedef struct nl_rule		nl_rule_t;
      46   1.1     rmind typedef struct nl_rproc		nl_rproc_t;
      47   1.1     rmind typedef struct nl_table		nl_table_t;
                         /*
                          * nl_nat_t is a second name for struct nl_rule, not a distinct type:
                          * the compiler accepts a NAT handle wherever an nl_rule_t * is
                          * expected (and the reverse), so keeping the two apart is left to
                          * the caller.
                          */
      48  1.36     rmind typedef struct nl_rule		nl_nat_t;
      49  1.36     rmind typedef struct nl_ext		nl_ext_t;
     50   1.1     rmind 
      51  1.36     rmind /*
      52  1.36     rmind  * Iterator.
                          *
                          * nl_iter_t is the cursor type that the *_iterate() functions
                          * declared in this header take by pointer.  NPF_ITER_BEGIN is
                          * presumably the value a cursor must hold before the first call --
                          * confirm against the implementation.
      53  1.36     rmind  */
      54  1.36     rmind #define	NPF_ITER_BEGIN		0
      55   1.1     rmind 
      56  1.36     rmind typedef signed long		nl_iter_t;
     57  1.11     rmind 
      58  1.36     rmind /*
      59  1.38     rmind  * Ruleset prefix(es).
                          *
                          * NOTE(review): presumably prepended to the names of rulesets that
                          * hold NAT ("map") rules -- confirm against the users of this macro.
      60  1.38     rmind  */
      61  1.38     rmind 
      62  1.38     rmind #define	NPF_RULESET_MAP_PREF	"map:"
     63  1.38     rmind 
      64  1.38     rmind /*
      65  1.36     rmind  * Extensions API types.
                          *
                          * Function-pointer signatures: an initialiser taking no arguments,
                          * a constructor taking one string and returning an nl_ext_t handle,
                          * and a parameter setter taking the handle and two strings
                          * (presumably parameter name and value -- confirm).
                          * NOTE(review): if these are resolved from separately loaded
                          * extension modules, that code runs with the caller's privileges;
                          * confirm where the symbols are looked up and from which path.
      66  1.36     rmind  */
      67  1.11     rmind typedef int (*npfext_initfunc_t)(void);
      68  1.11     rmind typedef nl_ext_t *(*npfext_consfunc_t)(const char *);
      69  1.11     rmind typedef int (*npfext_paramfunc_t)(nl_ext_t *, const char *, const char *);
      70  1.11     rmind 
                         /*
                          * Callback type accepted by npf_conn_list().  The address and port
                          * arguments are plain pointers: how many elements each one points to
                          * is not expressed in the type, so confirm it in the implementation
                          * before indexing.  The trailing void * is presumably the context
                          * pointer given to npf_conn_list() -- confirm.
                          */
      71  1.36     rmind typedef int (*npf_conn_func_t)(unsigned, const npf_addr_t *,
      72  1.36     rmind     const in_port_t *, const char *, void *);
     73   1.6     rmind 
      74  1.36     rmind /*
      75  1.36     rmind  * API functions.
                          *
                          * Configuration objects.
                          *
                          * NOTE(review): the bare int taken by npf_config_submit(),
                          * npf_config_retrieve() and npf_config_flush() is presumably a
                          * descriptor for the NPF control device.  If so, whoever holds it
                          * can replace or flush the packet filter configuration, so it should
                          * not be passed on to less privileged code -- confirm.
                          *
                          * npf_config_import() takes a caller-supplied buffer and its length;
                          * a blob obtained from outside the process is untrusted input and
                          * the length must describe the buffer actually passed.
                          * npf_config_export() returns a non-const buffer and reports a size
                          * through its size_t *; who releases the buffer is not stated here
                          * (presumably the caller -- confirm).  npf_config_build() returns a
                          * const pointer, so it is presumably owned by the configuration.
      76  1.36     rmind  */
      77   1.6     rmind 
      78   1.1     rmind nl_config_t *	npf_config_create(void);
      79  1.27     rmind void		npf_config_destroy(nl_config_t *);
      80  1.31  christos int		npf_config_submit(nl_config_t *, int, npf_error_t *);
      81  1.31  christos nl_config_t *	npf_config_retrieve(int);
      82   1.5     rmind int		npf_config_flush(int);
      83  1.31  christos nl_config_t *	npf_config_import(const void *, size_t);
      84  1.31  christos void *		npf_config_export(nl_config_t *, size_t *);
      85  1.31  christos bool		npf_config_active_p(nl_config_t *);
      86  1.31  christos bool		npf_config_loaded_p(nl_config_t *);
      87  1.39     rmind const void *	npf_config_build(nl_config_t *);
      88   1.1     rmind 
                         /*
                          * ALG loading and named parameters.  npf_param_get() has an int *
                          * out-parameter (presumably the current value).  npf_param_iterate()
                          * takes a cursor and two int out-parameters whose meaning is not
                          * visible in this header -- confirm before relying on either.
                          */
      89  1.36     rmind int		npf_alg_load(nl_config_t *, const char *);
      90  1.36     rmind 
      91  1.36     rmind int		npf_param_get(nl_config_t *, const char *, int *);
      92  1.36     rmind int		npf_param_set(nl_config_t *, const char *, int);
      93  1.39     rmind const char *	npf_param_iterate(nl_config_t *, nl_iter_t *, int *, int *);
      94  1.36     rmind 
                         /*
                          * Operations on a ruleset selected by name.  NOTE(review): the
                          * leading int is presumably an NPF device descriptor and the calls
                          * presumably act on the active ruleset rather than on an nl_config_t
                          * -- confirm.  npf_ruleset_add() has a uint64_t * out-parameter and
                          * npf_ruleset_remove() takes a uint64_t, presumably the rule ID.
                          * npf_ruleset_remkey() takes the key as pointer plus length; the
                          * length must describe the buffer actually passed.
                          */
      95  1.15     rmind int		npf_ruleset_add(int, const char *, nl_rule_t *, uint64_t *);
      96  1.15     rmind int		npf_ruleset_remove(int, const char *, uint64_t);
      97  1.13     rmind int		npf_ruleset_remkey(int, const char *, const void *, size_t);
      98  1.14     rmind int		npf_ruleset_flush(int, const char *);
      99  1.13     rmind 
                         /*
                          * Extension objects.  The npf_ext_param_*() setters return void, so
                          * a caller cannot learn from the return value whether a parameter
                          * was stored.  No destroy function for nl_ext_t is declared in this
                          * header; ownership presumably passes on in npf_rproc_extcall() --
                          * confirm.
                          */
     100  1.35     rmind nl_ext_t *	npf_ext_construct(const char *);
     101  1.11     rmind void		npf_ext_param_u32(nl_ext_t *, const char *, uint32_t);
     102  1.11     rmind void		npf_ext_param_bool(nl_ext_t *, const char *, bool);
     103  1.26  jakllsch void		npf_ext_param_string(nl_ext_t *, const char *, const char *);
     104  1.11     rmind 
                         /*
                          * Rule objects.
                          *
                          * npf_rule_setcode(), npf_rule_setkey() and npf_rule_setinfo() take
                          * a buffer as pointer plus size_t length; nothing in the prototype
                          * ties the two together, so the caller must pass the true length.
                          * npf_rule_setrid() takes struct r_id by value; the structure is not
                          * declared in this header (presumably it comes from <net/npf.h>).
                          *
                          * The const pointers returned by the getters presumably point into
                          * the rule object and stop being valid after npf_rule_destroy() --
                          * confirm.  npf_rule_export() returns a non-const buffer with its
                          * size reported through the size_t *; who releases it is not stated
                          * here.
                          */
     105  1.19     rmind nl_rule_t *	npf_rule_create(const char *, uint32_t, const char *);
     106   1.1     rmind int		npf_rule_setcode(nl_rule_t *, int, const void *, size_t);
     107  1.31  christos int		npf_rule_setprio(nl_rule_t *, int);
     108  1.13     rmind int		npf_rule_setproc(nl_rule_t *, const char *);
     109  1.40       joe int		npf_rule_setrid(nl_rule_t *, struct r_id, const char *);
     110  1.13     rmind int		npf_rule_setkey(nl_rule_t *, const void *, size_t);
     111  1.17     rmind int		npf_rule_setinfo(nl_rule_t *, const void *, size_t);
     112  1.36     rmind const char *	npf_rule_getname(nl_rule_t *);
     113  1.36     rmind uint32_t	npf_rule_getattr(nl_rule_t *);
     114  1.36     rmind const char *	npf_rule_getinterface(nl_rule_t *);
     115  1.36     rmind const void *	npf_rule_getinfo(nl_rule_t *, size_t *);
     116  1.36     rmind const char *	npf_rule_getproc(nl_rule_t *);
     117  1.36     rmind uint64_t	npf_rule_getid(nl_rule_t *);
     118  1.36     rmind const void *	npf_rule_getcode(nl_rule_t *, int *, size_t *);
     119   1.1     rmind bool		npf_rule_exists_p(nl_config_t *, const char *);
     120  1.13     rmind int		npf_rule_insert(nl_config_t *, nl_rule_t *, nl_rule_t *);
     121  1.13     rmind void *		npf_rule_export(nl_rule_t *, size_t *);
     122   1.1     rmind void		npf_rule_destroy(nl_rule_t *);
     123   1.1     rmind 
                         /*
                          * Rule procedures.  npf_rproc_extcall() takes a rule procedure and
                          * an extension handle.  No destroy function for nl_rproc_t is
                          * declared in this header; ownership presumably passes to the
                          * configuration in npf_rproc_insert() -- confirm before reusing a
                          * handle after insertion.
                          */
     124   1.1     rmind nl_rproc_t *	npf_rproc_create(const char *);
     125  1.11     rmind int		npf_rproc_extcall(nl_rproc_t *, nl_ext_t *);
     126   1.1     rmind bool		npf_rproc_exists_p(nl_config_t *, const char *);
     127   1.1     rmind int		npf_rproc_insert(nl_config_t *, nl_rproc_t *);
     128  1.36     rmind const char *	npf_rproc_getname(nl_rproc_t *);
     129   1.1     rmind 
                         /*
                          * NAT policies.  nl_nat_t is a typedef of struct nl_rule, so these
                          * functions are not type-checked against being handed an ordinary
                          * rule handle.
                          *
                          * npf_nat_setaddr() and npf_nat_settablefilter() take a non-const
                          * npf_addr_t *; whether the address is modified is not visible here.
                          *
                          * npf_nat_lookup(): the [2] in the npf_addr_t *[2] and in_port_t [2]
                          * parameters is not enforced.  In C both are pointer parameters, so
                          * a shorter array compiles without a diagnostic; the caller must
                          * supply two elements for each.
                          */
     130  1.35     rmind nl_nat_t *	npf_nat_create(int, unsigned, const char *);
     131  1.35     rmind int		npf_nat_setaddr(nl_nat_t *, int, npf_addr_t *, npf_netmask_t);
     132  1.35     rmind int		npf_nat_setport(nl_nat_t *, in_port_t);
     133  1.35     rmind int		npf_nat_settable(nl_nat_t *, unsigned);
     134  1.36     rmind int		npf_nat_settablefilter(nl_nat_t *, int, npf_addr_t *, npf_netmask_t);
     135  1.35     rmind int		npf_nat_setalgo(nl_nat_t *, unsigned);
     136  1.35     rmind int		npf_nat_setnpt66(nl_nat_t *, uint16_t);
     137  1.36     rmind int		npf_nat_gettype(nl_nat_t *);
     138  1.36     rmind unsigned	npf_nat_getflags(nl_nat_t *);
     139  1.36     rmind const npf_addr_t *npf_nat_getaddr(nl_nat_t *, size_t *, npf_netmask_t *);
     140  1.36     rmind in_port_t	npf_nat_getport(nl_nat_t *);
     141  1.36     rmind unsigned	npf_nat_gettable(nl_nat_t *);
     142  1.36     rmind unsigned	npf_nat_getalgo(nl_nat_t *);
     143  1.36     rmind int		npf_nat_insert(nl_config_t *, nl_nat_t *);
     144  1.36     rmind int		npf_nat_lookup(int, int, npf_addr_t *[2], in_port_t [2], int, int);
     145  1.36     rmind 
                         /*
                          * Connection listing through a caller-supplied npf_conn_func_t
                          * callback.  The void * is presumably handed to the callback
                          * unchanged and the int is presumably an NPF device descriptor --
                          * confirm.
                          */
     146  1.36     rmind int		npf_conn_list(int, npf_conn_func_t, void *);
     147   1.1     rmind 
                         /*
                          * Tables.  npf_table_add_entry() takes an int, an address and a
                          * netmask; the int is presumably the address family or length --
                          * confirm.  npf_table_replace() is the only table function here
                          * that takes a leading int (presumably an NPF device descriptor)
                          * and an npf_error_t *, so it presumably acts on the active
                          * configuration rather than on an nl_config_t -- confirm.
                          */
     148  1.34     rmind nl_table_t *	npf_table_create(const char *, unsigned, int);
     149  1.36     rmind const char *	npf_table_getname(nl_table_t *);
     150  1.36     rmind unsigned	npf_table_getid(nl_table_t *);
     151  1.36     rmind int		npf_table_gettype(nl_table_t *);
     152  1.12     rmind int		npf_table_add_entry(nl_table_t *, int,
     153   1.9     rmind 		    const npf_addr_t *, const npf_netmask_t);
     154   1.1     rmind int		npf_table_insert(nl_config_t *, nl_table_t *);
     155   1.1     rmind void		npf_table_destroy(nl_table_t *);
     156   1.1     rmind 
     157  1.37     rmind int		npf_table_replace(int, nl_table_t *, npf_error_t *);
    158  1.37     rmind 
     159  1.12     rmind #ifdef _NPF_PRIVATE
                         /*
                          * Declarations visible only when _NPF_PRIVATE is defined before
                          * this header is included.  The guard is a preprocessor convention,
                          * not access control: any translation unit can define the macro,
                          * and it hides the prototypes only, not the symbols.
                          * NOTE(review): _npf_debug_addif() and _npf_config_dump() look like
                          * debugging aids -- confirm they are not reachable from production
                          * paths.
                          */
     160  1.12     rmind 
     161  1.12     rmind #include <ifaddrs.h>
     162  1.12     rmind 
     163  1.36     rmind nl_rule_t *	npf_rule_iterate(nl_config_t *, nl_iter_t *, unsigned *);
     164  1.36     rmind nl_nat_t *	npf_nat_iterate(nl_config_t *, nl_iter_t *);
     165  1.36     rmind nl_rproc_t *	npf_rproc_iterate(nl_config_t *, nl_iter_t *);
     166  1.36     rmind nl_table_t *	npf_table_iterate(nl_config_t *, nl_iter_t *);
     167  1.17     rmind 
     168  1.14     rmind int		_npf_ruleset_list(int, const char *, nl_config_t *);
     169  1.19     rmind void		_npf_debug_addif(nl_config_t *, const char *);
     170  1.34     rmind void		_npf_config_dump(nl_config_t *, int);
     171  1.16  christos 
     172   1.8     rmind #endif
    173   1.8     rmind 
    174   1.1     rmind __END_DECLS
    175   1.1     rmind 
    176   1.1     rmind #endif	/* _NPF_LIB_H_ */
    177