ipfw3: insert the new rule in the beginning
[dragonfly.git] / sbin / ipfw3 / ipfw3.h
CommitLineData
9187b359 1/*
4408d548 2 * Copyright (c) 2014 - 2018 The DragonFly Project. All rights reserved.
9187b359
BY
3 *
4 * This code is derived from software contributed to The DragonFly Project
5 * by Bill Yuan <bycn82@dragonflybsd.org>
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 *
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in
15 * the documentation and/or other materials provided with the
16 * distribution.
17 * 3. Neither the name of The DragonFly Project nor the names of its
18 * contributors may be used to endorse or promote products derived
19 * from this software without specific, prior written permission.
20 *
21 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
22 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
23 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
24 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
25 * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
26 * INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING,
27 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
28 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
29 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
30 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
31 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32 * SUCH DAMAGE.
33 */
34
35
36#ifndef _IPFW3_H_
37#define _IPFW3_H_
38
39/*
40 * This macro returns the size of a struct sockaddr when passed
41 * through a routing socket. Basically we round up sa_len to
42 * a multiple of sizeof(long), with a minimum of sizeof(long).
43 * The check for a NULL pointer is just a convenience, probably never used.
44 * The case sa_len == 0 should only apply to empty structures.
45 */
46#define SA_SIZE(sa) \
47 ( (!(sa) || ((struct sockaddr *)(sa))->sa_len == 0) ? \
48 sizeof(long) : \
49 1 + ( (((struct sockaddr *)(sa))->sa_len - 1) | (sizeof(long) - 1) ) )
50
51/*
52 * Definition of a port range, and macros to deal with values.
53 * FORMAT: HI 16-bits == first port in range, 0 == all ports.
54 * LO 16-bits == number of ports in range
55 * NOTES: - Port values are not stored in network byte order.
56 */
57
58
59#define GETLOPORT(x) ((x) >> 0x10)
60#define GETNUMPORTS(x) ((x) & 0x0000ffff)
61#define GETHIPORT(x) (GETLOPORT((x)) + GETNUMPORTS((x)))
62
63/* Set y to be the low-port value in port_range variable x. */
64#define SETLOPORT(x, y) ((x) = ((x) & 0x0000ffff) | ((y) << 0x10))
65
66/* Set y to be the number of ports in port_range variable x. */
67#define SETNUMPORTS(x, y) ((x) = ((x) & 0xffff0000) | (y))
68
69#define INC_ARGCV() do { \
70 (*_av)++; \
71 (*_ac)--; \
72 av = *_av; \
73 ac = *_ac; \
74} while (0)
75
76
77enum tokens {
78 TOK_NULL=0,
79
80 TOK_IP,
81 TOK_IF,
82 TOK_ALOG,
83 TOK_DENY_INC,
84 TOK_SAME_PORTS,
85 TOK_UNREG_ONLY,
86 TOK_RESET_ADDR,
87 TOK_ALIAS_REV,
88 TOK_PROXY_ONLY,
89 TOK_REDIR_ADDR,
90 TOK_REDIR_PORT,
91 TOK_REDIR_PROTO,
92
93 TOK_PIPE,
94 TOK_QUEUE,
95 TOK_PLR,
96 TOK_NOERROR,
97 TOK_BUCKETS,
98 TOK_DSTIP,
99 TOK_SRCIP,
100 TOK_DSTPORT,
101 TOK_SRCPORT,
102 TOK_ALL,
103 TOK_MASK,
104 TOK_BW,
105 TOK_DELAY,
106 TOK_RED,
107 TOK_GRED,
108 TOK_DROPTAIL,
109 TOK_PROTO,
110 TOK_WEIGHT,
111};
112
113struct char_int_map {
114 char *key;
115 int val;
116};
117
2490fdca
BY
118typedef void (*parser_func)(ipfw_insn **,int *, char ***);
119typedef void (*shower_func)(ipfw_insn *, int);
120typedef void (*register_func)(int, int, parser_func, shower_func);
121typedef void (*register_keyword)(int, int, char *, int);
122typedef void (*init_module)(register_func, register_keyword);
123
4408d548
BY
124#define MAX_KEYWORD_LEN 20
125#define KEYWORD_SIZE 256
126#define MAPPING_SIZE 256
127
128struct ipfw3_keyword {
129 int type;
130 char word[MAX_KEYWORD_LEN];
131 int module;
132 int opcode;
133};
134#define LEN_FW3_KEYWORD sizeof(struct ipfw3_keyword)
135
136struct ipfw3_mapping {
137 int type;
138 int module;
139 int opcode;
140 parser_func parser;
141 shower_func shower;
142};
143#define LEN_FW3_MAPPING sizeof(struct ipfw3_mapping)
144
145ipfw_insn* next_cmd(ipfw_insn *cmd);
2490fdca
BY
146void register_ipfw_keyword(int module, int opcode, char *word, int type);
147void register_ipfw_func(int, int, parser_func, shower_func);
148int do_get_x(int optname, void *rule, int *optlen);
149int do_set_x(int optname, void *rule, int optlen);
150
151int match_token(struct char_int_map *table, char *string);
4408d548
BY
152void module_get(char *modules_str, int len);
153void module_list(int ac, char **av);
154void module_load(void);
155void register_ipfw_keyword(int module, int opcode, char *word, int type);
156void register_ipfw_func(int module, int opcode,
157 parser_func parser, shower_func shower);
158void prev_show_chk(ipfw_insn *cmd, uint8_t *prev_module,
159 uint8_t *prev_opcode, int *show_or);
160int show_filter(ipfw_insn *cmd, char *word, int type);
161void help(void);
162void rule_delete(int ac, char **av);
163void rule_list(int ac, char **av);
372a54ac 164void rule_add(int ac, char **av, uint8_t insert);
4408d548
BY
165void rule_zero(int ac, char **av);
166void rule_flush(void);
167void rule_show(struct ipfw_ioc_rule *rule, int pcwidth, int bcwidth);
168int do_set_x(int optname, void *rule, int optlen);
169int do_get_x(int optname, void *rule, int *optlen);
170int ipfw3_main(int ac, char **av);
171void ipfw3_readfile(int ac, char **av);
9187b359 172#endif