xref: /freebsd/lib/libugidfw/bsde_get_rule.3 (revision fa9896e082a1046ff4fbc75fcba4d18d1f2efc19) 
1.\" Copyright (c) 2003-2004 Networks Associates Technology, Inc.
2.\" All rights reserved.
3.\"
4.\" This software was developed for the FreeBSD Project by Chris
5.\" Costello at Safeport Network Services and Network Associates
6.\" Laboratories, the Security Research Division of Network Associates,
7.\" Inc. under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part
8.\" of the DARPA CHATS research program.
9.\"
10.\" Redistribution and use in source and binary forms, with or without
11.\" modification, are permitted provided that the following conditions
12.\" are met:
13.\" 1. Redistributions of source code must retain the above copyright
14.\"    notice, this list of conditions and the following disclaimer.
15.\" 2. Redistributions in binary form must reproduce the above copyright
16.\"    notice, this list of conditions and the following disclaimer in the
17.\"    documentation and/or other materials provided with the distribution.
18.\"
19.\" THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND
20.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE
23.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29.\" SUCH DAMAGE.
30.\"
31.Dd February 24, 2004
32.Dt BSDE_GET_RULE 3
33.Os
34.Sh NAME
35.Nm bsde_add_rule ,
36.Nm bsde_get_rule ,
37.Nm bsde_set_rule ,
38.Nm bsde_delete_rule
39.Nd "file system firewall rules list management"
40.Sh LIBRARY
41.Lb libugidfw
42.Sh SYNOPSIS
43.In ugidfw.h
44.Ft int
45.Fo bsde_add_rule
46.Fa "int *rulenum" "struct mac_bsdextended_rule *rule"
47.Fa "size_t buflen" "char *errstr"
48.Fc
49.Ft int
50.Fo bsde_get_rule
51.Fa "int rulenum" "struct mac_bsdextended_rule *rule"
52.Fa "size_t errlen" "char *errstr"
53.Fc
54.Ft int
55.Fo bsde_set_rule
56.Fa "int rulenum" "struct mac_bsdextended_rule *rule"
57.Fa "size_t errlen" "char *errstr"
58.Fc
59.Ft int
60.Fn bsde_delete_rule "int rulenum" "size_t errlen" "char *errstr"
61.Sh DESCRIPTION
62The
63.Fn bsde_add_rule
64function fills the next available
65rule (in
66.Vt "struct mac_bsdextended_rule"
67form, either from
68.Fn bsde_get_rule
69or
70.Xr bsde_parse_rule 3 ) .
71If an error occurs,
72.Fa *errstr
73is filled with the error string
74(up to
75.Fa errlen
76characters, including the terminating
77.Dv NUL ) .
78If successful and
79.Fa rulenum
80is
81.No non- Ns Dv NULL ,
82the rule number used will be returned in
83.Fa *rulenum .
84.Pp
85The
86.Fn bsde_get_rule
87function fills in
88.Fa *rule
89with the rule numbered
90.Fa rulenum .
91If an error occurs,
92.Fa *errstr
93is filled in with the error string
94(up to
95.Fa errlen
96characters, including the terminating
97.Dv NUL ) .
98.Pp
99The
100.Fn bsde_set_rule
101function fills the slot numbered
102.Fa rulenum
103with the specified rule
104(in
105.Vt "struct mac_bsdextended_rule"
106form, either from
107.Fn bsde_get_rule
108or
109.Xr bsde_parse_rule 3 ) .
110If an error occurs,
111.Fa *errstr
112is filled with the error string
113(up to
114.Fa errlen
115characters, including the terminating
116.Dv NUL ) .
117.Pp
118The
119.Fn bsde_delete_rule
120function deletes the rule numbered
121.Fa rulenum .
122If an error occurs,
123.Fa *errstr
124is filled with the error string
125(up to
126.Fa errlen
127characters, including the terminating
128.Dv NUL ) .
129.Sh RETURN VALUES
130The
131.Fn bsde_get_rule ,
132.Fn bsde_set_rule ,
133and
134.Fn bsde_delete_rule
135functions return 0 if successful;
136otherwise the value \-1 is returned and the value of
137.Fa *errstr
138is filled in as documented in
139.Sx DESCRIPTION .
140.Sh SEE ALSO
141.Xr bsde_get_rule_count 3 ,
142.Xr bsde_get_rule_slots 3 ,
143.Xr bsde_parse_rule 3 ,
144.Xr bsde_parse_rule_string 3 ,
145.Xr bsde_rule_to_string 3 ,
146.Xr libugidfw 3 ,
147.Xr mac_bsdextended 4 ,
148.Xr ugidfw 8
149.Sh AUTHORS
150This software was contributed to the
151.Fx
152Project by Network Associates Labs,
153the Security Research Division of Network Associates
154Inc.
155under DARPA/SPAWAR contract N66001-01-C-8035
156.Pq Dq CBOSS ,
157as part of the DARPA CHATS research program.
158