usr/src/uts/common/inet/ipf/ipf.h

   1 /*
   2  * Copyright (C) 1993-2001, 2003 by Darren Reed.
   3  *
   4  * See the IPFILTER.LICENCE file for details on licencing.
   5  *
   6  * @(#)ipf.h    1.12 6/5/96
   7  * $Id: ipf.h,v 2.71.2.7 2005/06/12 07:18:31 darrenr Exp $
   8  *
   9  * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
  10  */
  11
  12 #ifndef __IPF_H__
  13 #define __IPF_H__
  14
  15 #if defined(__osf__)
  16 # define radix_mask ipf_radix_mask
  17 # define radix_node ipf_radix_node
  18 # define radix_node_head ipf_radix_node_head
  19 #endif
  20
  21 #include <sys/param.h>
  22 #include <sys/types.h>
  23 #include <sys/file.h>
  24 /*
  25  * This is a workaround for <sys/uio.h> troubles on FreeBSD, HPUX, OpenBSD.
  26  * Needed here because on some systems <sys/uio.h> gets included by things
  27  * like <sys/socket.h>
  28  */
  29 #ifndef _KERNEL
  30 # define ADD_KERNEL
  31 # define _KERNEL
  32 # define KERNEL
  33 #endif
  34 #ifdef __OpenBSD__
  35 struct file;
  36 #endif
  37 #include <sys/uio.h>
  38 #ifdef ADD_KERNEL
  39 # undef _KERNEL
  40 # undef KERNEL
  41 #endif
  42 #include <sys/time.h>
  43 #include <sys/socket.h>
  44 #include <net/if.h>
  45 #if __FreeBSD_version >= 300000
  46 # include <net/if_var.h>
  47 #endif
  48 #include <netinet/in.h>
  49 #include <netinet/in_systm.h>
  50 #include <netinet/ip.h>
  51 #include <netinet/ip_icmp.h>
  52 #ifndef TCP_PAWS_IDLE   /* IRIX */
  53 # include <netinet/tcp.h>
  54 #endif
  55 #include <netinet/udp.h>
  56
  57 #include <arpa/inet.h>
  58
  59 #include <errno.h>
  60 #include <limits.h>
  61 #include <netdb.h>
  62 #include <stdlib.h>
  63 #include <stddef.h>
  64 #include <stdio.h>
  65 #if !defined(__SVR4) && !defined(__svr4__) && defined(sun)
  66 # include <strings.h>
  67 #endif
  68 #include <string.h>
  69 #include <unistd.h>
  70
  71 #include "netinet/ipf_stack.h"
  72 #include "netinet/ip_compat.h"
  73 #include "netinet/ip_fil.h"
  74 #include "netinet/ip_nat.h"
  75 #include "netinet/ip_frag.h"
  76 #include "netinet/ip_state.h"
  77 #include "netinet/ip_proxy.h"
  78 #include "netinet/ip_auth.h"
  79 #include "netinet/ip_lookup.h"
  80 #include "netinet/ip_pool.h"
  81 #ifdef IPFILTER_SCAN
  82 #include "netinet/ip_scan.h"
  83 #endif
  84 #include "netinet/ip_htable.h"
  85 #ifdef IPFILTER_SYNC
  86 #include "netinet/ip_sync.h"
  87 #endif
  88
  89 #include "opts.h"
  90
  91 #ifndef __P
  92 # ifdef __STDC__
  93 #  define       __P(x)  x
  94 # else
  95 #  define       __P(x)  ()
  96 # endif
  97 #endif
  98 #ifndef __STDC__
  99 # undef         const
 100 # define        const
 101 #endif
 102
 103 #ifndef U_32_T
 104 # define        U_32_T  1
 105 # if defined(__NetBSD__) || defined(__OpenBSD__) || defined(__FreeBSD__) || \
 106     defined(__sgi)
 107 typedef u_int32_t       u_32_t;
 108 # else
 109 #  if defined(__alpha__) || defined(__alpha) || defined(_LP64)
 110 typedef unsigned int    u_32_t;
 111 #  else
 112 #   if SOLARIS2 >= 6
 113 typedef uint32_t        u_32_t;
 114 #   else
 115 typedef unsigned int    u_32_t;
 116 #   endif
 117 #  endif
 118 # endif /* __NetBSD__ || __OpenBSD__ || __FreeBSD__ || __sgi */
 119 #endif /* U_32_T */
 120
 121 #ifndef MAXHOSTNAMELEN
 122 # define        MAXHOSTNAMELEN  256
 123 #endif
 124
 125 #define MAX_ICMPCODE    16
 126 #define MAX_ICMPTYPE    19
 127
 128
 129 struct  ipopt_names     {
 130         int     on_value;
 131         int     on_bit;
 132         int     on_siz;
 133         char    *on_name;
 134 };
 135
 136
 137 typedef struct  alist_s {
 138         struct  alist_s *al_next;
 139         int             al_not;
 140         sa_family_t     al_family;
 141         i6addr_t        al_i6addr;
 142         i6addr_t        al_i6mask;
 143 } alist_t;
 144
 145 #define al_addr al_i6addr.in4_addr
 146 #define al_mask al_i6mask.in4_addr
 147 #define al_1    al_addr
 148 #define al_2    al_mask
 149
 150
 151 typedef struct  {
 152         u_short fb_c;
 153         u_char  fb_t;
 154         u_char  fb_f;
 155         u_32_t  fb_k;
 156 } fakebpf_t;
 157
 158
 159 #if defined(__NetBSD__) || defined(__OpenBSD__) || \
 160         (_BSDI_VERSION >= 199701) || (__FreeBSD_version >= 300000) || \
 161         defined(SOLARIS) || defined(__sgi) || defined(__osf__) || \
 162         defined(linux)
 163 # include <stdarg.h>
 164 typedef int     (* ioctlfunc_t) __P((int, ioctlcmd_t, ...));
 165 #else
 166 typedef int     (* ioctlfunc_t) __P((dev_t, ioctlcmd_t, void *));
 167 #endif
 168 typedef void    (* addfunc_t) __P((int, ioctlfunc_t, void *));
 169 typedef int     (* copyfunc_t) __P((void *, void *, size_t));
 170
 171
 172 /*
 173  * SunOS4
 174  */
 175 #if defined(sun) && !defined(__SVR4) && !defined(__svr4__)
 176 extern  int     ioctl __P((int, int, void *));
 177 #endif
 178
 179 extern  char    thishost[];
 180 extern  char    flagset[];
 181 extern  u_char  flags[];
 182 extern  struct ipopt_names ionames[];
 183 extern  struct ipopt_names secclass[];
 184 extern  char    *icmpcodes[MAX_ICMPCODE + 1];
 185 extern  char    *icmptypes[MAX_ICMPTYPE + 1];
 186 extern  int     use_inet6;
 187 extern  int     lineNum;
 188 extern  struct ipopt_names v6ionames[];
 189
 190
 191 extern int addicmp __P((char ***, struct frentry *, int));
 192 extern int addipopt __P((char *, struct ipopt_names *, int, char *));
 193 extern int addkeep __P((char ***, struct frentry *, int));
 194 extern int bcopywrap __P((void *, void *, size_t));
 195 extern void binprint __P((void *, size_t));
 196 extern void initparse __P((void));
 197 extern u_32_t buildopts __P((char *, char *, int));
 198 extern int checkrev __P((char *));
 199 extern int count6bits __P((u_32_t *));
 200 extern int count4bits __P((u_32_t));
 201 extern int extras __P((char ***, struct frentry *, int));
 202 extern char *fac_toname __P((int));
 203 extern int fac_findname __P((char *));
 204 extern void fill6bits __P((int, u_int *));
 205 extern int gethost __P((char *, i6addr_t *, int));
 206 extern int getport __P((struct frentry *, char *, u_short *));
 207 extern int getportproto __P((char *, int));
 208 extern int getproto __P((char *));
 209 extern char *getaline __P((char *, size_t, FILE *, int *));
 210 extern int genmask __P((char *, u_32_t *));
 211 extern char *getnattype __P((struct nat *, int));
 212 extern char *getsumd __P((u_32_t));
 213 extern u_32_t getoptbyname __P((char *));
 214 extern u_32_t getoptbyvalue __P((int));
 215 extern u_32_t getv6optbyname __P((char *));
 216 extern u_32_t getv6optbyvalue __P((int));
 217 extern void hexdump __P((FILE *, void *, int, int));
 218 extern int icmpcode __P((char *));
 219 extern void initparse __P((void));
 220 extern void ipf_dotuning __P((int, char *, ioctlfunc_t));
 221 extern void ipf_addrule __P((int, ioctlfunc_t, void *));
 222 extern int ipf_parsefile __P((int, addfunc_t, ioctlfunc_t *, char *));
 223 extern int ipf_parsesome __P((int, addfunc_t, ioctlfunc_t *, FILE *));
 224 extern int ipmon_parsefile __P((char *));
 225 extern int ipmon_parsesome __P((FILE *));
 226 extern void ipnat_addrule __P((int, ioctlfunc_t, void *));
 227 extern int ipnat_parsefile __P((int, addfunc_t, ioctlfunc_t, char *));
 228 extern int ipnat_parsesome __P((int, addfunc_t, ioctlfunc_t, FILE *));
 229 extern int ippool_parsefile __P((int, char *, ioctlfunc_t));
 230 extern int ippool_parsesome __P((int, FILE *, ioctlfunc_t));
 231 extern int kmemcpywrap __P((void *, void *, size_t));
 232 extern char *kvatoname __P((ipfunc_t, ioctlfunc_t));
 233 extern int load_hash __P((struct iphtable_s *, struct iphtent_s *,
 234                           ioctlfunc_t));
 235 extern int load_hashnode __P((int, char *, struct iphtent_s *, ioctlfunc_t));
 236 extern int load_pool __P((struct ip_pool_s *list, ioctlfunc_t));
 237 extern int load_poolnode __P((int, char *, ip_pool_node_t *, ioctlfunc_t));
 238 extern int loglevel __P((char **, u_int *, int));
 239 extern alist_t *make_range __P((int, struct in_addr, struct in_addr));
 240 extern ipfunc_t nametokva __P((char *, ioctlfunc_t));
 241 extern void nat_setgroupmap __P((struct ipnat *));
 242 extern int ntomask __P((int, int, u_32_t *));
 243 extern u_32_t optname __P((char ***, u_short *, int));
 244 extern struct frentry *parse __P((char *, int));
 245 extern char *portname __P((int, int));
 246 extern int portnum __P((char *, char *, u_short *, int));
 247 extern int ports __P((char ***, char *, u_short *, int *, u_short *, int));
 248 extern int pri_findname __P((char *));
 249 extern char *pri_toname __P((int));
 250 extern void print_toif __P((char *, struct frdest *));
 251 extern void printaddr __P((int, int, char *, u_32_t *, u_32_t *));
 252 extern void printaps __P((ap_session_t *, int));
 253 extern void printbuf __P((char *, int, int));
 254 extern void printfr __P((struct frentry *, ioctlfunc_t));
 255 extern struct iphtable_s *printhash_live __P((struct iphtable_s *, int, char*, int));
 256 extern void printhashdata __P((struct iphtable_s *, int));
 257 extern void printtunable __P((ipftune_t *));
 258 extern struct iphtable_s *printhash __P((struct iphtable_s *, copyfunc_t,
 259                                          char *, int));
 260 extern struct iphtent_s *printhashnode __P((struct iphtable_s *,
 261                                             struct iphtent_s *,
 262                                             copyfunc_t, int));
 263 extern void printhostmask __P((int, u_32_t *, u_32_t *));
 264 extern void printip __P((u_32_t *));
 265 extern void printlog __P((struct frentry *));
 266 extern void printlookup __P((i6addr_t *addr, i6addr_t *mask));
 267 extern void printmask __P((int, u_32_t *));
 268 extern void printpacket __P((struct ip *));
 269 extern void printpacket6 __P((struct ip *));
 270 extern struct ip_pool_s *printpool __P((struct ip_pool_s *, copyfunc_t,
 271                                         char *, int));
 272 extern struct ip_pool_s *printpool_live __P((struct ip_pool_s *, int, char*, int));
 273 extern void printpooldata __P((struct ip_pool_s *, int));
 274 extern struct ip_pool_node *printpoolnode __P((struct ip_pool_node *, int));
 275 extern void printproto __P((struct protoent *, int, struct ipnat *));
 276 extern void printportcmp __P((int, struct frpcmp *));
 277 extern void optprint __P((u_short *, u_long, u_long));
 278 #ifdef  USE_INET6
 279 extern void optprintv6 __P((u_short *, u_long, u_long));
 280 #endif
 281 extern int ratoi __P((char *, int *, int, int));
 282 extern int ratoui __P((char *, u_int *, u_int, u_int));
 283 extern int remove_hash __P((struct iphtable_s *, ioctlfunc_t));
 284 extern int remove_hashnode __P((int, char *, struct iphtent_s *, ioctlfunc_t));
 285 extern int remove_pool __P((ip_pool_t *, ioctlfunc_t));
 286 extern int remove_poolnode __P((int, char *, ip_pool_node_t *, ioctlfunc_t));
 287 extern u_char tcp_flags __P((char *, u_char *, int));
 288 extern u_char tcpflags __P((char *));
 289 extern void printc __P((struct frentry *));
 290 extern void printC __P((int));
 291 extern void emit __P((int, int, void *, struct frentry *));
 292 extern u_char secbit __P((int));
 293 extern u_char seclevel __P((char *));
 294 extern void printfraginfo __P((char *, struct ipfr *));
 295 extern void printifname __P((char *, char *, void *));
 296 extern char *hostname __P((int, void *));
 297 extern struct ipstate *printstate __P((struct ipstate *, int, u_long));
 298 extern void printsbuf __P((char *));
 299 extern void printnat __P((struct ipnat *, int));
 300 extern void printactiveaddress __P((int, char *, i6addr_t *, char *));
 301 extern void printactivenat __P((struct nat *, int, int));
 302 extern void printhostmap __P((struct hostmap *, u_int));
 303 extern void printpacket __P((struct ip *));
 304
 305 extern void set_variable __P((char *, char *));
 306 extern char *get_variable __P((char *, char **, int));
 307 extern void resetlexer __P((void));
 308
 309 #ifdef SOLARIS
 310 extern int gethostname __P((char *, int ));
 311 extern void sync __P((void));
 312 #endif
 313
 314 #endif /* __IPF_H__ */