fw.h revision 6017:7e310503019e
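/*
 * fw.h
 *
 * Network firewalling operations.
 *
 * Copyright (c) 2001 Dug Song <dugsong@monkey.org>
 *
 * $Id: fw.h,v 1.13 2002/12/14 04:02:36 dugsong Exp $
 */

#ifndef DNET_FW_H
#define DNET_FW_H

/*
 * NOTE(review): this header uses INTF_NAME_LEN, struct addr, the uintN_t
 * types, strlcpy(), memmove() and __BEGIN_DECLS/__END_DECLS without
 * including anything itself, so whatever includes it has to provide them
 * first.
 */

/*
 * One firewall rule: the object taken by fw_add() and fw_delete() and
 * handed to the fw_handler callback.
 */
struct fw_rule {
	char		fw_device[INTF_NAME_LEN];	/* interface name */
	uint8_t		fw_op;		/* operation (FW_OP_*) */
	uint8_t		fw_dir;		/* direction (FW_DIR_*) */
	uint8_t		fw_proto;	/* IP protocol */
	struct addr	fw_src;		/* src address / net */
	struct addr	fw_dst;		/* dst address / net */
	uint16_t	fw_sport[2];	/* range / ICMP type */
	uint16_t	fw_dport[2];	/* range / ICMP code */
};

/* Values for fw_rule.fw_op. */
#define FW_OP_ALLOW	1
#define FW_OP_BLOCK	2

/* Values for fw_rule.fw_dir. */
#define FW_DIR_IN	1
#define FW_DIR_OUT	2

/*
 * Fill in every field of *rule from the given values.
 *
 * Caveats for callers, especially when the values come from untrusted
 * input such as a rule file or a remote request:
 *  - dev is copied with strlcpy(), so a name that does not fit in
 *    fw_device is truncated with no indication.  Check the length first
 *    if a shortened name could name a different interface.
 *  - s and d must be lvalues (their address is taken), and
 *    sizeof(struct addr) bytes are read from each regardless of their
 *    real type, so pass struct addr objects only.
 *  - op, dir and p land in uint8_t fields and the four port values in
 *    uint16_t fields; anything larger is narrowed by the assignment, so
 *    range-check before packing.
 *  - rule is expanded several times; pass an expression without side
 *    effects.
 *
 * Every value argument is parenthesized in the expansion so that an
 * argument containing a low-precedence operator (comma, ?:) cannot
 * change what gets assigned.
 */
#define fw_pack_rule(rule, dev, op, dir, p, s, d, sp1, sp2, dp1, dp2) \
do { \
	strlcpy((rule)->fw_device, (dev), sizeof((rule)->fw_device)); \
	(rule)->fw_op = (op); (rule)->fw_dir = (dir); \
	(rule)->fw_proto = (p); \
	memmove(&(rule)->fw_src, &(s), sizeof((rule)->fw_src)); \
	memmove(&(rule)->fw_dst, &(d), sizeof((rule)->fw_dst)); \
	(rule)->fw_sport[0] = (sp1); (rule)->fw_sport[1] = (sp2); \
	(rule)->fw_dport[0] = (dp1); (rule)->fw_dport[1] = (dp2); \
} while (0)

/* Opaque firewall handle; struct fw_handle is not defined in this header. */
typedef struct fw_handle fw_t;

/*
 * Callback type accepted by fw_loop().  It receives a read-only rule and
 * an opaque pointer, presumably the arg given to fw_loop() (confirm
 * against the implementation).
 */
typedef int (*fw_handler)(const struct fw_rule *rule, void *arg);

/*
 * NOTE(review): return conventions are not visible in this header; check
 * the implementation or dnet(3) before relying on them, and treat a
 * failed fw_add()/fw_delete() as "the rule set did not change".
 */
__BEGIN_DECLS
fw_t	*fw_open(void);
int	 fw_add(fw_t *f, const struct fw_rule *rule);
int	 fw_delete(fw_t *f, const struct fw_rule *rule);
int	 fw_loop(fw_t *f, fw_handler callback, void *arg);
fw_t	*fw_close(fw_t *f);
__END_DECLS

#endif /* DNET_FW_H */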