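/*
 * fw.h
 *
 * Network firewalling operations.
 *
 * Copyright (c) 2001 Dug Song <dugsong@monkey.org>
 *
 * $Id: fw.h,v 1.13 2002/12/14 04:02:36 dugsong Exp $
 */

#ifndef DNET_FW_H
#define DNET_FW_H

/*
 * This header contains no #include lines. INTF_NAME_LEN, struct addr, the
 * uintN_t types, __BEGIN_DECLS/__END_DECLS and the strlcpy()/memmove()
 * calls used by fw_pack_rule() must all be declared by whatever is included
 * before it.
 */

/*
 * One firewall rule, as passed to fw_add()/fw_delete() and handed to the
 * fw_loop() callback.
 */
struct fw_rule {
	char		fw_device[INTF_NAME_LEN]; /* interface name */
	uint8_t		fw_op;			/* operation (FW_OP_*) */
	uint8_t		fw_dir;			/* direction (FW_DIR_*) */
	uint8_t		fw_proto;		/* IP protocol */
	struct addr	fw_src;			/* src address / net */
	struct addr	fw_dst;			/* dst address / net */
	uint16_t	fw_sport[2];		/* range / ICMP type */
	uint16_t	fw_dport[2];		/* range / ICMP code */
};

/* Values for fw_rule.fw_op. */
#define FW_OP_ALLOW	1
#define FW_OP_BLOCK	2

/* Values for fw_rule.fw_dir. */
#define FW_DIR_IN	1
#define FW_DIR_OUT	2

/*
 * Fill in every field of *rule from the remaining arguments.
 *
 *   rule      pointer to the struct fw_rule to fill; the expression is
 *             expanded several times, so it must have no side effects
 *   dev       NUL-terminated interface name
 *   op, dir   stored in fw_op / fw_dir (FW_OP_*, FW_DIR_*)
 *   p         stored in fw_proto
 *   s, d      source and destination; each must be an lvalue of type
 *             struct addr, because the macro takes its address and copies
 *             sizeof(struct addr) bytes from it (anything smaller is
 *             over-read)
 *   sp1, sp2  stored in fw_sport[0] and fw_sport[1]
 *   dp1, dp2  stored in fw_dport[0] and fw_dport[1]
 *
 * Review notes:
 *  - strlcpy() truncates a name that does not fit in fw_device and its
 *    return value is discarded here, so an over-long name silently becomes
 *    a rule for a different (shorter) interface name. Check the length
 *    against INTF_NAME_LEN before packing a name taken from outside input.
 *  - The rule is not cleared first: bytes of fw_device after the terminator
 *    and any structure padding keep their previous contents. Zero the rule
 *    beforehand if it is compared bytewise or copied out of the process.
 *  - op, dir and p are stored in uint8_t fields and the ports in uint16_t
 *    fields; wider values are narrowed by the assignment.
 */
#define fw_pack_rule(rule, dev, op, dir, p, s, d, sp1, sp2, dp1, dp2)	\
do {									\
	strlcpy((rule)->fw_device, (dev), sizeof((rule)->fw_device));	\
	(rule)->fw_op = (op); (rule)->fw_dir = (dir);			\
	(rule)->fw_proto = (p);						\
	memmove(&(rule)->fw_src, &(s), sizeof((rule)->fw_src));		\
	memmove(&(rule)->fw_dst, &(d), sizeof((rule)->fw_dst));		\
	(rule)->fw_sport[0] = (sp1); (rule)->fw_sport[1] = (sp2);	\
	(rule)->fw_dport[0] = (dp1); (rule)->fw_dport[1] = (dp2);	\
} while (0)

/* Opaque firewall handle; struct fw_handle is not defined in this header. */
typedef struct fw_handle fw_t;

/*
 * Callback type taken by fw_loop(): receives a read-only rule and the
 * caller's arg pointer. The meaning of the int result is not stated in this
 * header.
 * NOTE(review): presumably a non-zero return stops the iteration; confirm
 * against the implementation.
 */
typedef int (*fw_handler)(const struct fw_rule *rule, void *arg);

/*
 * NOTE(review): return-value conventions are not visible in this header.
 * Presumably fw_open() returns NULL on failure and the int-returning calls
 * return a negative value on error; confirm against the implementation and
 * check every result, since a failed fw_add() of a block rule leaves the
 * traffic unfiltered.
 */
__BEGIN_DECLS
fw_t	*fw_open(void);
int	 fw_add(fw_t *f, const struct fw_rule *rule);
int	 fw_delete(fw_t *f, const struct fw_rule *rule);
int	 fw_loop(fw_t *f, fw_handler callback, void *arg);
fw_t	*fw_close(fw_t *f);
__END_DECLS

#endif /* DNET_FW_H */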