xref: /freebsd/lib/libugidfw/bsde_get_rule.3 (revision 2357939bc239bd5334a169b62313806178dd8f30) 
1.\" Copyright (c) 2003-2004 Networks Associates Technology, Inc.
2.\" All rights reserved.
3.\"
4.\" This software was developed for the FreeBSD Project by Chris
5.\" Costello at Safeport Network Services and Network Associates
6.\" Laboratories, the Security Research Division of Network Associates,
7.\" Inc. under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part
8.\" of the DARPA CHATS research program.
9.\"
10.\" Redistribution and use in source and binary forms, with or without
11.\" modification, are permitted provided that the following conditions
12.\" are met:
13.\" 1. Redistributions of source code must retain the above copyright
14.\"    notice, this list of conditions and the following disclaimer.
15.\" 2. Redistributions in binary form must reproduce the above copyright
16.\"    notice, this list of conditions and the following disclaimer in the
17.\"    documentation and/or other materials provided with the distribution.
18.\"
19.\" THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND
20.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE
23.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29.\" SUCH DAMAGE.
30.\"
31.\" $FreeBSD$
32.\"
33.Dd February 24, 2004
34.Os
35.Dt BSDE_GET_RULE 3
36.Sh NAME
37.Nm bsde_add_rule ,
38.Nm bsde_get_rule ,
39.Nm bsde_set_rule ,
40.Nm bsde_delete_rule
41.Nd "file system firewall rules list management"
42.Sh LIBRARY
43.Lb libugidfw
44.Sh SYNOPSIS
45.In ugidfw.h
46.Ft int
47.Fo bsde_add_rule
48.Fa "int *rulenum" "struct mac_bsdextended_rule *rule"
49.Fa "size_t buflen" "char *errstr"
50.Fc
51.Ft int
52.Fo bsde_get_rule
53.Fa "int rulenum" "struct mac_bsdextended_rule *rule"
54.Fa "size_t errlen" "char *errstr"
55.Fc
56.Ft int
57.Fo bsde_set_rule
58.Fa "int rulenum" "struct mac_bsdextended_rule *rule"
59.Fa "size_t errlen" "char *errstr"
60.Fc
61.Ft int
62.Fn bsde_delete_rule "int rulenum" "size_t errlen" "char *errstr"
63.Sh DESCRIPTION
64The
65.Fn bsde_add_rule
66function fills the next available
67rule (in
68.Vt "struct mac_bsdextended_rule"
69form, either from
70.Fn bsde_get_rule
71or
72.Xr bsde_parse_rule 3 ) .
73If an error occurs,
74.Fa *errstr
75is filled with the error string
76(up to
77.Fa errlen
78characters, including the terminating
79.Dv NUL ) .
80If successful and
81.Fa rulenum
82is non-NULL, the rule number used will be returned in
83.Fa *rulenum .
84.Pp
85The
86.Fn bsde_get_rule
87function fills in
88.Fa *rule
89with the rule numbered
90.Fa rulenum .
91If an error occurs,
92.Fa *errstr
93is filled in with the error string
94(up to
95.Fa errlen
96characters, including the terminating
97.Dv NUL ) .
98.Pp
99The
100.Fn bsde_set_rule
101function fills the slot numbered
102.Fa rulenum
103with the specified rule
104(in
105.Vt "struct mac_bsdextended_rule"
106form, either from
107.Fn bsde_get_rule
108or
109.Xr bsde_parse_rule 3 ) .
110If an error occurs,
111.Fa *errstr
112is filled with the error string
113(up to
114.Fa errlen
115characters, including the terminating
116.Dv NUL ) .
117.Pp
118The
119.Fn bsde_delete_rule
120function deletes the rule numbered
121.Fa rulenum .
122If an error occurs,
123.Fa *errstr
124is filled with the error string
125(up to
126.Fa errlen
127characters, including the terminating
128.Dv NUL ) .
129.Sh RETURN VALUES
130The
131.Fn bsde_get_rule ,
132.Fn bsde_set_rule ,
133and
134.Fn bsde_delete_rule
135functions return 0 if successful;
136otherwise the value \-1 is returned and the value of
137.Fa *errstr
138is filled in as documented in
139.Sx DESCRIPTION .
140.Sh SEE ALSO
141.Xr bsde_get_rule_count 3 ,
142.Xr bsde_get_rule_slots 3 ,
143.Xr bsde_parse_rule 3 ,
144.Xr bsde_parse_rule_string 3 ,
145.Xr bsde_rule_to_string 3 ,
146.Xr libugidfw 3 ,
147.Xr mac_bsdextended 4 ,
148.Xr ugidfw 8
149.Sh AUTHORS
150This software was contributed to the
151.Fx
152Project by Network Associates Labs,
153the Security Research Division of Network Associates
154Inc. under DARPA/SPAWAR contract N66001-01-C-8035
155.Pq Dq CBOSS ,
156as part of the DARPA CHATS research program.
157