/*
 * Copyright (c) 1982, 1986, 1993
 *	The Regents of the University of California. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *	This product includes software developed by the University of
 *	California, Berkeley and its contributors.
 * 4. Neither the name of the University nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

/*
 * pflog headers, at least as they exist now.
 *
 * The two sizes below are the element counts of the fixed-width ifname[]
 * and ruleset[] arrays in struct pfloghdr.
 */
#define PFLOG_IFNAMSIZ		16
#define PFLOG_RULESET_NAME_SIZE	16

/*
 * Direction values.
 *
 * PF_FWD is defined only when this header is built for OpenBSD; on every
 * other platform value 3 has no name here.
 */
#define PF_INOUT	0
#define PF_IN		1
#define PF_OUT		2
#if defined(__OpenBSD__)
#define PF_FWD		3
#endif

/*
 * Reason values.
 *
 * Values 0-14 have the same name on every platform. From 15 upward the
 * name is picked by the build platform's predefined macro, so value 15 is
 * PFRES_MAPFAILED, PFRES_STATELOCKED, PFRES_TRANSLATE or PFRES_DUMMYNET
 * depending on where the decoder was compiled, and has no name at all on
 * any other platform. Only the OpenBSD branch defines 16.
 *
 * NOTE(review): the selection follows the OS the decoder is built for, not
 * the OS that wrote the log. When a capture from another system is being
 * analysed, a name printed for a value >= 15 may not be the reason the
 * originating firewall meant -- confirm against that system's definitions.
 */
#define PFRES_MATCH	0
#define PFRES_BADOFF	1
#define PFRES_FRAG	2
#define PFRES_SHORT	3
#define PFRES_NORM	4
#define PFRES_MEMORY	5
#define PFRES_TS	6
#define PFRES_CONGEST	7
#define PFRES_IPOPTIONS	8
#define PFRES_PROTCKSUM	9
#define PFRES_BADSTATE	10
#define PFRES_STATEINS	11
#define PFRES_MAXSTATES	12
#define PFRES_SRCLIMIT	13
#define PFRES_SYNPROXY	14
#if defined(__FreeBSD__)
#define PFRES_MAPFAILED	15
#elif defined(__NetBSD__)
#define PFRES_STATELOCKED 15
#elif defined(__OpenBSD__)
#define PFRES_TRANSLATE	15
#define PFRES_NOROUTE	16
#elif defined(__APPLE__)
#define PFRES_DUMMYNET	15
#endif

/*
 * Action values.
 *
 * Values 0-10 have the same name on every platform. Above that the
 * numbering diverges: 11 and 12 are PF_DEFER/PF_MATCH on FreeBSD and
 * OpenBSD but PF_DUMMYNET/PF_NODUMMYNET on Apple; 13 and 14 are
 * PF_DIVERT/PF_RT on OpenBSD but PF_NAT64/PF_NONAT64 on Apple; 15
 * (PF_AFRT) exists only on OpenBSD. There is no NetBSD branch, so nothing
 * above 10 is named there.
 *
 * NOTE(review): as with the reason values, the names follow the build
 * platform, so an action >= 11 in a capture taken on a different OS can be
 * shown under the wrong name -- e.g. defer versus dummynet for 11.
 */
#define PF_PASS		0
#define PF_DROP		1
#define PF_SCRUB	2
#define PF_NOSCRUB	3
#define PF_NAT		4
#define PF_NONAT	5
#define PF_BINAT	6
#define PF_NOBINAT	7
#define PF_RDR		8
#define PF_NORDR	9
#define PF_SYNPROXY_DROP 10
#if defined(__FreeBSD__)
#define PF_DEFER	11
#define PF_MATCH	12
#elif defined(__OpenBSD__)
#define PF_DEFER	11
#define PF_MATCH	12
#define PF_DIVERT	13
#define PF_RT		14
#define PF_AFRT		15
#elif defined(__APPLE__)
#define PF_DUMMYNET	11
#define PF_NODUMMYNET	12
#define PF_NAT64	13
#define PF_NONAT64	14
#endif

/*
 * Address slot used by the OpenBSD-only saddr/daddr members of
 * struct pfloghdr: an IPv4 and an IPv6 address overlaid in one union.
 * Nothing in this struct records which member is the valid one; the
 * reader has to know that from elsewhere (presumably the af/naf members
 * of struct pfloghdr -- confirm in the decoder).
 */
struct pf_addr {
	union {
		nd_ipv4	    v4;
		nd_ipv6	    v6;
	} pfa;		    /* 128-bit address */
/*
 * Shorthand so that code can write addr.v4 / addr.v6. These are plain
 * preprocessor macros and are not scoped to the struct: from here to the
 * end of the translation unit every identifier spelled v4 or v6 is
 * rewritten as well.
 */
#define v4	pfa.v4
#define v6	pfa.v6
};

/*
 * Layout of one pflog record header.
 *
 * The nd_* member types are declared elsewhere; the offsets quoted below
 * assume each has the width its name indicates. Member order is
 * presumably the order of the bytes in the logged record, so it should
 * not be rearranged.
 *
 * Everything after dir depends on the build platform, so
 * sizeof(struct pfloghdr) is not one fixed number; MIN_PFLOG_HDRLEN is the
 * only platform-independent bound this header defines.
 *
 * NOTE(review): these bytes presumably come from a capture, i.e. from
 * untrusted input. This header performs no validation. Confirm that the
 * decoder checks the length member against MIN_PFLOG_HDRLEN and against
 * the number of bytes actually captured before it reads any later member,
 * and that it does not read the platform-specific tail of a record that
 * is shorter than that tail.
 */
struct pfloghdr {
	nd_uint8_t	length;	/* header length as recorded in the log */
	nd_uint8_t	af;
	nd_uint8_t	action;	/* presumably one of the action values above */
	nd_uint8_t	reason;	/* presumably one of the reason values above */
	/*
	 * Fixed-size name fields. Nothing in this header guarantees a
	 * terminating NUL inside the array, so consumers should print or
	 * copy them with an explicit bound of the array size.
	 */
	char		ifname[PFLOG_IFNAMSIZ];
	char		ruleset[PFLOG_RULESET_NAME_SIZE];
	nd_uint32_t	rulenr;
	nd_uint32_t	subrulenr;
	nd_uint32_t	uid;
	nd_int32_t	pid;
	nd_uint32_t	rule_uid;
	nd_int32_t	rule_pid;
	nd_uint8_t	dir;	/* presumably one of the direction values above */
/*
 * Minimum header length (without padding): 61
 * That is the end of dir: 4 one-byte members + 16 + 16 + 6 four-byte
 * members + 1.
 */
#define MIN_PFLOG_HDRLEN	61
#if defined(__OpenBSD__)
	nd_uint8_t	rewritten;
	nd_uint8_t	naf;
	nd_uint8_t	pad[1];
#else
	nd_uint8_t	pad[3];
#endif
	/*
	 * Platform-specific tail: FreeBSD adds a rule identifier, OpenBSD
	 * adds addresses and ports, every other platform ends the struct
	 * at the padding above.
	 */
#if defined(__FreeBSD__)
	nd_uint32_t	ridentifier;
	nd_uint8_t	reserve;
	nd_uint8_t	pad2[3];
#elif defined(__OpenBSD__)
	struct pf_addr	saddr;
	struct pf_addr	daddr;
	nd_uint16_t	sport;
	nd_uint16_t	dport;
#endif
};