2 * Copyright (c) 2014 - 2016 The DragonFly Project. All rights reserved.
4 * This code is derived from software contributed to The DragonFly Project
5 * by Bill Yuan <bycn82@dragonflybsd.org>
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in
15 * the documentation and/or other materials provided with the
17 * 3. Neither the name of The DragonFly Project nor the names of its
18 * contributors may be used to endorse or promote products derived
19 * from this software without specific, prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
22 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
23 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
24 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
25 * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
26 * INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING,
27 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
28 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
29 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
30 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
31 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
34 #ifndef _IP_FW_BASIC_H
35 #define _IP_FW_BASIC_H
37 #define MODULE_BASIC_ID 0
38 #define MODULE_BASIC_NAME "basic"
41 MALLOC_DEFINE(M_IPFW3_BASIC,"IPFW3_BASIC", "ip_fw3 basic module");
42 void ipfw_sync_install_state(struct cmd_send_state *cmd);
45 enum ipfw_basic_opcodes {
46 O_BASIC_ACCEPT, /* accept */
47 O_BASIC_DENY, /* deny */
48 O_BASIC_COUNT, /* count */
49 O_BASIC_SKIPTO, /* skipto action->arg1 */
50 O_BASIC_FORWARD, /* arg3 count of dest, arg1 type of fwd */
53 O_BASIC_OUT, /* out */
54 O_BASIC_VIA, /* via */
55 O_BASIC_XMIT, /* xmit */
56 O_BASIC_RECV, /* recv */
58 O_BASIC_PROTO, /* arg1=protocol */
60 O_BASIC_IP_SRC_N_PORT, /* src ip: src port */
61 O_BASIC_IP_SRC_MASK, /* ip = IP/mask*/
62 O_BASIC_IP_SRC_ME, /* me */
63 O_BASIC_IP_SRC_LOOKUP, /* from lookup table */
66 O_BASIC_IP_DST_N_PORT, /* dst ip: dst port */
67 O_BASIC_IP_DST_MASK, /* ip = IP/mask */
68 O_BASIC_IP_DST_ME, /* me */
69 O_BASIC_IP_DST_LOOKUP, /* to lookup table */
71 O_BASIC_IP_SRCPORT, /* src-port */
72 O_BASIC_IP_DSTPORT, /* dst-port */
73 O_BASIC_PROB, /* probability 0~1*/
74 O_BASIC_KEEP_STATE, /* */
75 O_BASIC_CHECK_STATE, /* */
76 O_BASIC_TAG, /* action, add tag info into mbuf */
77 O_BASIC_UNTAG, /* action, remote tag from mbuf */
78 O_BASIC_TAGGED, /* filter, check the tag info */
80 O_BASIC_COMMENT, /* comment,behind action, no check */
84 #define IS_EXPIRED(state) (state->lifetime > 0 && \
85 (state->timestamp + state->lifetime) < time_second) || \
86 ((state->expiry != 0) && (state->expiry < time_second))
88 #define IPFW_BASIC_LOADED (ip_fw_basic_loaded)