fw.h revision 2632
/*
 * fw.h
 *
 * Network firewalling operations.
 *
 * Copyright (c) 2001 Dug Song <dugsong@monkey.org>
 *
 * $Id: fw.h,v 1.13 2002/12/14 04:02:36 dugsong Exp $
 */
10
11#ifndef DNET_FW_H
12#define DNET_FW_H
13
/*
 * One firewall rule: the unit taken by fw_add() / fw_delete() and handed
 * to fw_loop() callbacks.
 *
 * This header includes nothing itself, so INTF_NAME_LEN, struct addr and
 * the uintN_t types must already be declared by whatever is included
 * before it.
 */
struct fw_rule {
	char		fw_device[INTF_NAME_LEN]; /* interface name; fixed-size buffer, fw_pack_rule() bounds the copy with sizeof */
	uint8_t		fw_op;			  /* operation; presumably one of FW_OP_* -- confirm against the backend */
	uint8_t		fw_dir;			  /* direction; presumably one of FW_DIR_* -- confirm against the backend */
	uint8_t		fw_proto;		  /* IP protocol */
	struct addr	fw_src;			  /* src address / net */
	struct addr	fw_dst;			  /* dst address / net */
	uint16_t	fw_sport[2];		  /* range / ICMP type; [0] and [1] are sp1 and sp2 of fw_pack_rule() */
	uint16_t	fw_dport[2];		  /* range / ICMP code; [0] and [1] are dp1 and dp2 of fw_pack_rule() */
};
24
/*
 * Rule operations (the FW_OP_ prefix pairs them with fw_rule.fw_op).
 * 0 is not a defined value, so a zero-filled rule carries no operation.
 */
#define FW_OP_ALLOW	1
#define FW_OP_BLOCK	2

/*
 * Rule directions (the FW_DIR_ prefix pairs them with fw_rule.fw_dir).
 * 0 is not a defined value here either.
 */
#define FW_DIR_IN	1
#define FW_DIR_OUT	2
30
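/*
 * fw_pack_rule - fill in every field of a struct fw_rule in one statement.
 *
 *   rule      pointer to the struct fw_rule to fill; it is expanded several
 *             times, so pass an expression without side effects
 *   dev       NUL-terminated interface name; copied with strlcpy(), so a
 *             name that does not fit in fw_device is silently truncated
 *   op, dir   stored in fw_op / fw_dir (uint8_t)
 *   p         stored in fw_proto (uint8_t)
 *   s, d      source and destination as struct addr lvalues (objects, not
 *             pointers); the macro takes their address itself
 *   sp1, sp2  stored in fw_sport[0] / fw_sport[1] (uint16_t)
 *   dp1, dp2  stored in fw_dport[0] / fw_dport[1] (uint16_t)
 *
 * The two sizeof lines are compile-time checks: the memmove() calls copy
 * sizeof(struct addr) bytes from &(s) and &(d), so an argument of any other
 * size (a pointer, for instance) would make them read past the object and
 * copy neighbouring memory into the rule.  A mismatch now fails to compile
 * with a negative array size instead.
 *
 * Values wider than the destination field are narrowed by the assignment
 * without any diagnostic; range-check op, dir, p and the ports before
 * packing if they come from outside the program.
 *
 * strlcpy() and memmove() must be declared by the including code; this
 * header does not include anything.
 */
#define fw_pack_rule(rule, dev, op, dir, p, s, d, sp1, sp2, dp1, dp2)	\
do {									\
	(void)sizeof(char[sizeof(s) == sizeof((rule)->fw_src) ? 1 : -1]); \
	(void)sizeof(char[sizeof(d) == sizeof((rule)->fw_dst) ? 1 : -1]); \
	strlcpy((rule)->fw_device, (dev), sizeof((rule)->fw_device));	\
	(rule)->fw_op = (op);						\
	(rule)->fw_dir = (dir);						\
	(rule)->fw_proto = (p);						\
	memmove(&(rule)->fw_src, &(s), sizeof((rule)->fw_src));		\
	memmove(&(rule)->fw_dst, &(d), sizeof((rule)->fw_dst));		\
	(rule)->fw_sport[0] = (sp1);					\
	(rule)->fw_sport[1] = (sp2);					\
	(rule)->fw_dport[0] = (dp1);					\
	(rule)->fw_dport[1] = (dp2);					\
} while (0)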
41
/*
 * Firewall handle type.  struct fw_handle is only named here, never
 * defined, so code using this header can hold an fw_t pointer but cannot
 * look inside it.
 */
typedef struct fw_handle fw_t;

/*
 * Callback type accepted by fw_loop().  It receives a read-only rule and
 * an untyped context pointer (presumably the arg given to fw_loop() --
 * confirm), and returns an int whose meaning is not visible in this header.
 */
typedef int (*fw_handler)(const struct fw_rule *rule, void *arg);
45
/*
 * Public firewall API.  __BEGIN_DECLS / __END_DECLS are not defined in
 * this header and must come from an earlier include.
 *
 * NOTE(review): success and failure return values are not visible here;
 * confirm them against the implementation or dnet(3).  Whatever the
 * convention, check the int returned by fw_add() and fw_delete(): a rule
 * should be treated as enforced (or removed) only after the call reports
 * success.
 */
__BEGIN_DECLS
/* Obtain a firewall handle; takes no arguments. */
fw_t	*fw_open(void);
/* Add the rule pointed to by rule; the rule is not modified (const). */
int	 fw_add(fw_t *f, const struct fw_rule *rule);
/* Delete the rule pointed to by rule; the rule is not modified (const). */
int	 fw_delete(fw_t *f, const struct fw_rule *rule);
/* Run callback with arg; presumably once per rule in the current ruleset -- confirm. */
int	 fw_loop(fw_t *f, fw_handler callback, void *arg);
/* Release the handle; returns an fw_t pointer (presumably NULL, so callers can write f = fw_close(f) -- confirm). */
fw_t	*fw_close(fw_t *f);
__END_DECLS
53
54#endif /* DNET_FW_H */
55