xref: /freebsd/sbin/ipf/common/ipmon.h (revision 5e3190f700637fcfc1a52daeaa4a031fdd2557c7)
1 
2 /*
3  * Copyright (C) 2012 by Darren Reed.
4  *
5  * See the IPFILTER.LICENCE file for details on licencing.
6  *
7  * @(#)ip_fil.h	1.35 6/5/96
8  * $Id$
9  */
10 
11 typedef struct ipmon_msg_s {
12 	int	imm_msglen;
13 	char	*imm_msg;
14 	int	imm_dsize;
15 	void	*imm_data;
16 	time_t	imm_when;
17 	int	imm_loglevel;
18 } ipmon_msg_t;
19 
20 typedef	void	(*ims_destroy_func_t)(void *);
21 typedef	void	*(*ims_dup_func_t)(void *);
22 typedef	int	(*ims_match_func_t)(void *, void *);
23 typedef	void	*(*ims_parse_func_t)(char **);
24 typedef	void	(*ims_print_func_t)(void *);
25 typedef	int	(*ims_store_func_t)(void *, ipmon_msg_t *);
26 
27 typedef struct ipmon_saver_s {
28 	char			*ims_name;
29 	ims_destroy_func_t	ims_destroy;
30 	ims_dup_func_t		ims_dup;
31 	ims_match_func_t	ims_match;
32 	ims_parse_func_t	ims_parse;
33 	ims_print_func_t	ims_print;
34 	ims_store_func_t	ims_store;
35 } ipmon_saver_t;
36 
37 typedef struct	ipmon_saver_int_s {
38 	struct ipmon_saver_int_s	*imsi_next;
39 	ipmon_saver_t			*imsi_stor;
40 	void				*imsi_handle;
41 } ipmon_saver_int_t;
42 
43 typedef	struct	ipmon_doing_s {
44 	struct ipmon_doing_s	*ipmd_next;
45 	void			*ipmd_token;
46 	ipmon_saver_t		*ipmd_saver;
47 	/*
48 	 * ipmd_store is "cached" in this structure to avoid a double
49 	 * deref when doing saves....
50 	 */
51 	int			(*ipmd_store)(void *, ipmon_msg_t *);
52 } ipmon_doing_t;
53 
54 
55 typedef	struct	ipmon_action {
56 	struct	ipmon_action	*ac_next;
57 	int	ac_mflag;	/* collection of things to compare */
58 	int	ac_dflag;	/* flags to compliment the doing fields */
59 	int	ac_logpri;
60 	int	ac_direction;
61 	char	ac_group[FR_GROUPLEN];
62 	char	ac_nattag[16];
63 	u_32_t	ac_logtag;
64 	int	ac_type;	/* nat/state/ipf */
65 	int	ac_proto;
66 	int	ac_rule;
67 	int	ac_packet;
68 	int	ac_second;
69 	int	ac_result;
70 	u_32_t	ac_sip;
71 	u_32_t	ac_smsk;
72 	u_32_t	ac_dip;
73 	u_32_t	ac_dmsk;
74 	u_short	ac_sport;
75 	u_short	ac_dport;
76 	char	*ac_iface;
77 	/*
78 	 * used with ac_packet/ac_second
79 	 */
80 	struct	timeval	ac_last;
81 	int	ac_pktcnt;
82 	/*
83 	 * What to do with matches
84 	 */
85 	ipmon_doing_t	*ac_doing;
86 } ipmon_action_t;
87 
88 #define	ac_lastsec	ac_last.tv_sec
89 #define	ac_lastusec	ac_last.tv_usec
90 
91 /*
92  * Flags indicating what fields to do matching upon (ac_mflag).
93  */
94 #define	IPMAC_DIRECTION	0x0001
95 #define	IPMAC_DSTIP	0x0002
96 #define	IPMAC_DSTPORT	0x0004
97 #define	IPMAC_EVERY	0x0008
98 #define	IPMAC_GROUP	0x0010
99 #define	IPMAC_INTERFACE	0x0020
100 #define	IPMAC_LOGTAG	0x0040
101 #define	IPMAC_NATTAG	0x0080
102 #define	IPMAC_PROTOCOL	0x0100
103 #define	IPMAC_RESULT	0x0200
104 #define	IPMAC_RULE	0x0400
105 #define	IPMAC_SRCIP	0x0800
106 #define	IPMAC_SRCPORT	0x1000
107 #define	IPMAC_TYPE	0x2000
108 #define	IPMAC_WITH	0x4000
109 
110 #define	IPMR_BLOCK	1
111 #define	IPMR_PASS	2
112 #define	IPMR_NOMATCH	3
113 #define	IPMR_LOG	4
114 
115 #define	IPMON_SYSLOG	0x001
116 #define	IPMON_RESOLVE	0x002
117 #define	IPMON_HEXBODY	0x004
118 #define	IPMON_HEXHDR	0x010
119 #define	IPMON_TAIL	0x020
120 #define	IPMON_VERBOSE	0x040
121 #define	IPMON_NAT	0x080
122 #define	IPMON_STATE	0x100
123 #define	IPMON_FILTER	0x200
124 #define	IPMON_PORTNUM	0x400
125 #define	IPMON_LOGALL	(IPMON_NAT|IPMON_STATE|IPMON_FILTER)
126 #define	IPMON_LOGBODY	0x800
127 
128 #define	HOSTNAME_V4(a,b)	hostname((a), 4, (u_32_t *)&(b))
129 
130 #ifndef	LOGFAC
131 #define	LOGFAC	LOG_LOCAL0
132 #endif
133 
134 extern	void	dump_config(void);
135 extern	int	load_config(char *);
136 extern	void	unload_config(void);
137 extern	void	dumphex(FILE *, int, char *, int);
138 extern	int	check_action(char *, char *, int, int);
139 extern	char	*getword(int);
140 extern	void	*add_doing(ipmon_saver_t *);
141 
142