ip_sync.h revision 1.2.4.2
1 1.2.4.2 yamt /* $NetBSD: ip_sync.h,v 1.2.4.2 2012/04/17 00:08:17 yamt Exp $ */ 2 1.2.4.2 yamt 3 1.2.4.2 yamt /* 4 1.2.4.2 yamt * Copyright (C) 2008 by Darren Reed. 5 1.2.4.2 yamt * 6 1.2.4.2 yamt * See the IPFILTER.LICENCE file for details on licencing. 7 1.2.4.2 yamt * 8 1.2.4.2 yamt * @(#)ip_fil.h 1.35 6/5/96 9 1.2.4.2 yamt * Id: ip_sync.h,v 2.19.2.1 2012/01/26 05:29:13 darrenr Exp 10 1.2.4.2 yamt */ 11 1.2.4.2 yamt 12 1.2.4.2 yamt #ifndef __IP_SYNC_H__ 13 1.2.4.2 yamt #define __IP_SYNC_H__ 14 1.2.4.2 yamt 15 1.2.4.2 yamt typedef struct synchdr { 16 1.2.4.2 yamt u_32_t sm_magic; /* magic */ 17 1.2.4.2 yamt u_char sm_v; /* version: 4,6 */ 18 1.2.4.2 yamt u_char sm_p; /* protocol */ 19 1.2.4.2 yamt u_char sm_cmd; /* command */ 20 1.2.4.2 yamt u_char sm_table; /* NAT, STATE, etc */ 21 1.2.4.2 yamt u_int sm_num; /* table entry number */ 22 1.2.4.2 yamt int sm_rev; /* forward/reverse */ 23 1.2.4.2 yamt int sm_len; /* length of the data section */ 24 1.2.4.2 yamt struct synclist *sm_sl; /* back pointer to parent */ 25 1.2.4.2 yamt } synchdr_t; 26 1.2.4.2 yamt 27 1.2.4.2 yamt 28 1.2.4.2 yamt #define SYNHDRMAGIC 0x0FF51DE5 29 1.2.4.2 yamt 30 1.2.4.2 yamt /* 31 1.2.4.2 yamt * Commands 32 1.2.4.2 yamt * No delete required as expirey will take care of that! 33 1.2.4.2 yamt */ 34 1.2.4.2 yamt #define SMC_CREATE 0 /* pass ipstate_t after synchdr_t */ 35 1.2.4.2 yamt #define SMC_UPDATE 1 36 1.2.4.2 yamt #define SMC_MAXCMD 1 37 1.2.4.2 yamt 38 1.2.4.2 yamt /* 39 1.2.4.2 yamt * Tables 40 1.2.4.2 yamt */ 41 1.2.4.2 yamt #define SMC_RLOG -2 /* Only used with SIOCIPFFL */ 42 1.2.4.2 yamt #define SMC_NAT 0 43 1.2.4.2 yamt #define SMC_STATE 1 44 1.2.4.2 yamt #define SMC_MAXTBL 1 45 1.2.4.2 yamt 46 1.2.4.2 yamt 47 1.2.4.2 yamt /* 48 1.2.4.2 yamt * Only TCP requires "more" information than just a reference to the entry 49 1.2.4.2 yamt * for which an update is being made. 50 1.2.4.2 yamt */ 51 1.2.4.2 yamt typedef struct synctcp_update { 52 1.2.4.2 yamt u_long stu_age; 53 1.2.4.2 yamt tcpdata_t stu_data[2]; 54 1.2.4.2 yamt int stu_state[2]; 55 1.2.4.2 yamt } synctcp_update_t; 56 1.2.4.2 yamt 57 1.2.4.2 yamt 58 1.2.4.2 yamt typedef struct synclist { 59 1.2.4.2 yamt struct synclist *sl_next; 60 1.2.4.2 yamt struct synclist **sl_pnext; 61 1.2.4.2 yamt int sl_idx; /* update index */ 62 1.2.4.2 yamt struct synchdr sl_hdr; 63 1.2.4.2 yamt union { 64 1.2.4.2 yamt struct ipstate *slu_ips; 65 1.2.4.2 yamt struct nat *slu_ipn; 66 1.2.4.2 yamt void *slu_ptr; 67 1.2.4.2 yamt } sl_un; 68 1.2.4.2 yamt } synclist_t; 69 1.2.4.2 yamt 70 1.2.4.2 yamt #define sl_ptr sl_un.slu_ptr 71 1.2.4.2 yamt #define sl_ips sl_un.slu_ips 72 1.2.4.2 yamt #define sl_ipn sl_un.slu_ipn 73 1.2.4.2 yamt #define sl_magic sl_hdr.sm_magic 74 1.2.4.2 yamt #define sl_v sl_hdr.sm_v 75 1.2.4.2 yamt #define sl_p sl_hdr.sm_p 76 1.2.4.2 yamt #define sl_cmd sl_hdr.sm_cmd 77 1.2.4.2 yamt #define sl_rev sl_hdr.sm_rev 78 1.2.4.2 yamt #define sl_table sl_hdr.sm_table 79 1.2.4.2 yamt #define sl_num sl_hdr.sm_num 80 1.2.4.2 yamt #define sl_len sl_hdr.sm_len 81 1.2.4.2 yamt 82 1.2.4.2 yamt /* 83 1.2.4.2 yamt * NOTE: SYNCLOG_SZ is defined *low*. It should be the next power of two 84 1.2.4.2 yamt * up for whatever number of packets per second you expect to see. Be 85 1.2.4.2 yamt * warned: this index's a table of large elements (upto 272 bytes in size 86 1.2.4.2 yamt * each), and thus a size of 8192, for example, results in a 2MB table. 87 1.2.4.2 yamt * The lesson here is not to use small machines for running fast firewalls 88 1.2.4.2 yamt * (100BaseT) in sync, where you might have upwards of 10k pps. 89 1.2.4.2 yamt */ 90 1.2.4.2 yamt #define SYNCLOG_SZ 256 91 1.2.4.2 yamt 92 1.2.4.2 yamt typedef struct synclogent { 93 1.2.4.2 yamt struct synchdr sle_hdr; 94 1.2.4.2 yamt union { 95 1.2.4.2 yamt struct ipstate sleu_ips; 96 1.2.4.2 yamt struct nat sleu_ipn; 97 1.2.4.2 yamt } sle_un; 98 1.2.4.2 yamt } synclogent_t; 99 1.2.4.2 yamt 100 1.2.4.2 yamt typedef struct syncupdent { /* 28 or 32 bytes */ 101 1.2.4.2 yamt struct synchdr sup_hdr; 102 1.2.4.2 yamt struct synctcp_update sup_tcp; 103 1.2.4.2 yamt } syncupdent_t; 104 1.2.4.2 yamt 105 1.2.4.2 yamt extern void *ipf_sync_create(ipf_main_softc_t *); 106 1.2.4.2 yamt extern int ipf_sync_soft_init(ipf_main_softc_t *, void *); 107 1.2.4.2 yamt extern int ipf_sync_soft_fini(ipf_main_softc_t *, void *); 108 1.2.4.2 yamt extern int ipf_sync_canread(void *); 109 1.2.4.2 yamt extern int ipf_sync_canwrite(void *); 110 1.2.4.2 yamt extern void ipf_sync_del_nat(void *, synclist_t *); 111 1.2.4.2 yamt extern void ipf_sync_del_state(void *, synclist_t *); 112 1.2.4.2 yamt extern int ipf_sync_init(void); 113 1.2.4.2 yamt extern int ipf_sync_ioctl(ipf_main_softc_t *, void *, ioctlcmd_t, int, int, void *); 114 1.2.4.2 yamt extern synclist_t *ipf_sync_new(ipf_main_softc_t *, int, fr_info_t *, void *); 115 1.2.4.2 yamt extern int ipf_sync_read(ipf_main_softc_t *, struct uio *uio); 116 1.2.4.2 yamt extern int ipf_sync_write(ipf_main_softc_t *, struct uio *uio); 117 1.2.4.2 yamt extern int ipf_sync_main_unload(void); 118 1.2.4.2 yamt extern void ipf_sync_update(ipf_main_softc_t *, int, fr_info_t *, synclist_t *); 119 1.2.4.2 yamt extern void ipf_sync_expire(ipf_main_softc_t *); 120 1.2.4.2 yamt extern void ipf_sync_soft_destroy(ipf_main_softc_t *, void *); 121 1.2.4.2 yamt extern void *ipf_sync_soft_create(ipf_main_softc_t *); 122 1.2.4.2 yamt 123 1.2.4.2 yamt #endif /* IP_SYNC */ 124
Indexes created Sun Oct 19 02:09:48 GMT 2025