xref: /freebsd/lib/libugidfw/bsde_get_rule.3 (revision e8d8bef961a50d4dc22501cde4fb9fb0be1b2532)
1.\" Copyright (c) 2003-2004 Networks Associates Technology, Inc.
2.\" All rights reserved.
3.\"
4.\" This software was developed for the FreeBSD Project by Chris
5.\" Costello at Safeport Network Services and Network Associates
6.\" Laboratories, the Security Research Division of Network Associates,
7.\" Inc. under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part
8.\" of the DARPA CHATS research program.
9.\"
10.\" Redistribution and use in source and binary forms, with or without
11.\" modification, are permitted provided that the following conditions
12.\" are met:
13.\" 1. Redistributions of source code must retain the above copyright
14.\"    notice, this list of conditions and the following disclaimer.
15.\" 2. Redistributions in binary form must reproduce the above copyright
16.\"    notice, this list of conditions and the following disclaimer in the
17.\"    documentation and/or other materials provided with the distribution.
18.\"
19.\" THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND
20.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE
23.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29.\" SUCH DAMAGE.
30.\"
31.\" $FreeBSD$
32.\"
33.Dd February 24, 2004
34.Dt BSDE_GET_RULE 3
35.Os
36.Sh NAME
37.Nm bsde_add_rule ,
38.Nm bsde_get_rule ,
39.Nm bsde_set_rule ,
40.Nm bsde_delete_rule
41.Nd "file system firewall rules list management"
42.Sh LIBRARY
43.Lb libugidfw
44.Sh SYNOPSIS
45.In ugidfw.h
46.Ft int
47.Fo bsde_add_rule
48.Fa "int *rulenum" "struct mac_bsdextended_rule *rule"
49.Fa "size_t buflen" "char *errstr"
50.Fc
51.Ft int
52.Fo bsde_get_rule
53.Fa "int rulenum" "struct mac_bsdextended_rule *rule"
54.Fa "size_t errlen" "char *errstr"
55.Fc
56.Ft int
57.Fo bsde_set_rule
58.Fa "int rulenum" "struct mac_bsdextended_rule *rule"
59.Fa "size_t errlen" "char *errstr"
60.Fc
61.Ft int
62.Fn bsde_delete_rule "int rulenum" "size_t errlen" "char *errstr"
63.Sh DESCRIPTION
64The
65.Fn bsde_add_rule
66function fills the next available
67rule (in
68.Vt "struct mac_bsdextended_rule"
69form, either from
70.Fn bsde_get_rule
71or
72.Xr bsde_parse_rule 3 ) .
73If an error occurs,
74.Fa *errstr
75is filled with the error string
76(up to
77.Fa errlen
78characters, including the terminating
79.Dv NUL ) .
80If successful and
81.Fa rulenum
82is
83.No non- Ns Dv NULL ,
84the rule number used will be returned in
85.Fa *rulenum .
86.Pp
87The
88.Fn bsde_get_rule
89function fills in
90.Fa *rule
91with the rule numbered
92.Fa rulenum .
93If an error occurs,
94.Fa *errstr
95is filled in with the error string
96(up to
97.Fa errlen
98characters, including the terminating
99.Dv NUL ) .
100.Pp
101The
102.Fn bsde_set_rule
103function fills the slot numbered
104.Fa rulenum
105with the specified rule
106(in
107.Vt "struct mac_bsdextended_rule"
108form, either from
109.Fn bsde_get_rule
110or
111.Xr bsde_parse_rule 3 ) .
112If an error occurs,
113.Fa *errstr
114is filled with the error string
115(up to
116.Fa errlen
117characters, including the terminating
118.Dv NUL ) .
119.Pp
120The
121.Fn bsde_delete_rule
122function deletes the rule numbered
123.Fa rulenum .
124If an error occurs,
125.Fa *errstr
126is filled with the error string
127(up to
128.Fa errlen
129characters, including the terminating
130.Dv NUL ) .
131.Sh RETURN VALUES
132The
133.Fn bsde_get_rule ,
134.Fn bsde_set_rule ,
135and
136.Fn bsde_delete_rule
137functions return 0 if successful;
138otherwise the value \-1 is returned and the value of
139.Fa *errstr
140is filled in as documented in
141.Sx DESCRIPTION .
142.Sh SEE ALSO
143.Xr bsde_get_rule_count 3 ,
144.Xr bsde_get_rule_slots 3 ,
145.Xr bsde_parse_rule 3 ,
146.Xr bsde_parse_rule_string 3 ,
147.Xr bsde_rule_to_string 3 ,
148.Xr libugidfw 3 ,
149.Xr mac_bsdextended 4 ,
150.Xr ugidfw 8
151.Sh AUTHORS
152This software was contributed to the
153.Fx
154Project by Network Associates Labs,
155the Security Research Division of Network Associates
156Inc.
157under DARPA/SPAWAR contract N66001-01-C-8035
158.Pq Dq CBOSS ,
159as part of the DARPA CHATS research program.
160