xref: /freebsd/lib/libugidfw/bsde_get_rule.3 (revision fa9896e082a1046ff4fbc75fcba4d18d1f2efc19)

.\" Copyright (c) 2003-2004 Networks Associates Technology, Inc.
.\" All rights reserved.
.\"
.\" This software was developed for the FreeBSD Project by Chris
.\" Costello at Safeport Network Services and Network Associates
.\" Laboratories, the Security Research Division of Network Associates,
.\" Inc. under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part
.\" of the DARPA CHATS research program.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\"    notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\"    notice, this list of conditions and the following disclaimer in the
.\"    documentation and/or other materials provided with the distribution.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.Dd February 24, 2004
.Dt BSDE_GET_RULE 3
.Os
.Sh NAME
.Nm bsde_add_rule ,
.Nm bsde_get_rule ,
.Nm bsde_set_rule ,
.Nm bsde_delete_rule
.Nd "file system firewall rules list management"
.Sh LIBRARY
.Lb libugidfw
.Sh SYNOPSIS
.In ugidfw.h
.Ft int
.Fo bsde_add_rule
.Fa "int *rulenum" "struct mac_bsdextended_rule *rule"
.Fa "size_t buflen" "char *errstr"
.Fc
.Ft int
.Fo bsde_get_rule
.Fa "int rulenum" "struct mac_bsdextended_rule *rule"
.Fa "size_t errlen" "char *errstr"
.Fc
.Ft int
.Fo bsde_set_rule
.Fa "int rulenum" "struct mac_bsdextended_rule *rule"
.Fa "size_t errlen" "char *errstr"
.Fc
.Ft int
.Fn bsde_delete_rule "int rulenum" "size_t errlen" "char *errstr"
.Sh DESCRIPTION
The
.Fn bsde_add_rule
function fills the next available
rule (in
.Vt "struct mac_bsdextended_rule"
form, either from
.Fn bsde_get_rule
or
.Xr bsde_parse_rule 3 ) .
If an error occurs,
.Fa *errstr
is filled with the error string
(up to
.Fa errlen
characters, including the terminating
.Dv NUL ) .
If successful and
.Fa rulenum
is
.No non- Ns Dv NULL ,
the rule number used will be returned in
.Fa *rulenum .
.Pp
The
.Fn bsde_get_rule
function fills in
.Fa *rule
with the rule numbered
.Fa rulenum .
If an error occurs,
.Fa *errstr
is filled in with the error string
(up to
.Fa errlen
characters, including the terminating
.Dv NUL ) .
.Pp
The
.Fn bsde_set_rule
function fills the slot numbered
.Fa rulenum
with the specified rule
(in
.Vt "struct mac_bsdextended_rule"
form, either from
.Fn bsde_get_rule
or
.Xr bsde_parse_rule 3 ) .
If an error occurs,
.Fa *errstr
is filled with the error string
(up to
.Fa errlen
characters, including the terminating
.Dv NUL ) .
.Pp
The
.Fn bsde_delete_rule
function deletes the rule numbered
.Fa rulenum .
If an error occurs,
.Fa *errstr
is filled with the error string
(up to
.Fa errlen
characters, including the terminating
.Dv NUL ) .
.Sh RETURN VALUES
The
.Fn bsde_get_rule ,
.Fn bsde_set_rule ,
and
.Fn bsde_delete_rule
functions return 0 if successful;
otherwise the value \-1 is returned and the value of
.Fa *errstr
is filled in as documented in
.Sx DESCRIPTION .
.Sh SEE ALSO
.Xr bsde_get_rule_count 3 ,
.Xr bsde_get_rule_slots 3 ,
.Xr bsde_parse_rule 3 ,
.Xr bsde_parse_rule_string 3 ,
.Xr bsde_rule_to_string 3 ,
.Xr libugidfw 3 ,
.Xr mac_bsdextended 4 ,
.Xr ugidfw 8
.Sh AUTHORS
This software was contributed to the
.Fx
Project by Network Associates Labs,
the Security Research Division of Network Associates
Inc.
under DARPA/SPAWAR contract N66001-01-C-8035
.Pq Dq CBOSS ,
as part of the DARPA CHATS research program.