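/*	$OpenBSD: pfctl.h,v 1.42 2007/12/05 12:01:47 chl Exp $ */

/*-
 * SPDX-License-Identifier: BSD-2-Clause
 *
 * Copyright (c) 2001 Daniel Hartmeier
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 *    - Redistributions of source code must retain the above copyright
 *      notice, this list of conditions and the following disclaimer.
 *    - Redistributions in binary form must reproduce the above
 *      copyright notice, this list of conditions and the following
 *      disclaimer in the documentation and/or other materials provided
 *      with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
 * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
 * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
 * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 * POSSIBILITY OF SUCH DAMAGE.
 */

#ifndef _PFCTL_H_
#define _PFCTL_H_

/*
 * NOTE(review): <libpfctl.h> is the only header included here, yet the
 * declarations below also use FILE, SLIST_ENTRY()/SLIST_HEAD(), LIST_ENTRY(),
 * htonl() and __uint32_t.  Presumably those arrive through libpfctl.h or
 * through headers the including file pulls in first -- confirm before
 * reordering includes.
 */
#include <libpfctl.h>

/* Declared here, defined in another translation unit. */
extern struct pfctl_handle	*pfh;

/* Forward declaration; the full definition is not in this header. */
struct pfctl;

enum pfctl_show { PFCTL_SHOW_RULES, PFCTL_SHOW_LABELS, PFCTL_SHOW_NOTHING };

/*
 * Content-type tags stored in pfr_buffer.pfrb_type.  Numbering starts at 1,
 * so 0 is not one of the tags; PFRB_MAX is one past the last tag.
 */
enum {	PFRB_TABLES = 1, PFRB_TSTATS, PFRB_ADDRS, PFRB_ASTATS,
	PFRB_IFACES, PFRB_TRANS, PFRB_MAX };

/*
 * Typed, growable array of objects.
 *
 * NOTE(review): both counters are signed int.  Code that grows or indexes
 * the buffer should reject negative values and check the count-times-
 * element-size multiplication for overflow -- confirm in the pfr_buf_*
 * implementations, which are not visible from this header.
 */
struct pfr_buffer {
	int	 pfrb_type;	/* type of content, see enum above */
	int	 pfrb_size;	/* number of objects in buffer */
	int	 pfrb_msize;	/* maximum number of objects in buffer */
	void	*pfrb_caddr;	/* malloc'ated memory area */
};

/*
 * Walk a pfr_buffer: starts with pfr_buf_next(buf, NULL), then feeds the
 * previous element back in until pfr_buf_next() returns NULL.  Both 'var'
 * and 'buf' are expanded more than once, so pass side-effect-free
 * expressions.
 */
#define PFRB_FOREACH(var, buf)				\
	for ((var) = pfr_buf_next((buf), NULL);		\
	    (var) != NULL;				\
	    (var) = pfr_buf_next((buf), (var)))

/* One entry of a singly linked list (pfr_anchors) holding an anchor name. */
struct pfr_anchoritem {
	SLIST_ENTRY(pfr_anchoritem)	 pfra_sle;
	char				*pfra_anchorname;
};

SLIST_HEAD(pfr_anchors, pfr_anchoritem);

/*
 * pfr_* prototypes.  Parameters are unnamed in this header; the int and
 * int * arguments are presumably element counts, result counters and flags
 * -- check the definitions for the exact order before calling.
 */
int	 pfr_get_fd(void);
int	 pfr_add_table(struct pfr_table *, int *, int);
int	 pfr_del_table(struct pfr_table *, int *, int);
int	 pfr_get_tables(struct pfr_table *, struct pfr_table *, int *, int);
int	 pfr_clr_astats(struct pfr_table *, struct pfr_addr *, int, int *, int);
int	 pfr_clr_addrs(struct pfr_table *, int *, int);
int	 pfr_add_addrs(struct pfr_table *, struct pfr_addr *, int, int *, int);
int	 pfr_del_addrs(struct pfr_table *, struct pfr_addr *, int, int *, int);
int	 pfr_set_addrs(struct pfr_table *, struct pfr_addr *, int, int *,
	    int *, int *, int *, int);
int	 pfr_get_addrs(struct pfr_table *, struct pfr_addr *, int *, int);
int	 pfr_get_astats(struct pfr_table *, struct pfr_astats *, int *, int);
int	 pfr_tst_addrs(struct pfr_table *, struct pfr_addr *, int, int *, int);
int	 pfr_ina_define(struct pfr_table *, struct pfr_addr *, int, int *,
	    int *, int, int);

/* pfr_buffer management; pfr_buf_next() is what PFRB_FOREACH iterates with. */
void	 pfr_buf_clear(struct pfr_buffer *);
int	 pfr_buf_add(struct pfr_buffer *, const void *);
void	*pfr_buf_next(struct pfr_buffer *, const void *);
int	 pfr_buf_grow(struct pfr_buffer *, int);
/* The function-pointer argument is a per-entry callback taking the buffer. */
int	 pfr_buf_load(struct pfr_buffer *, char *, int,
	    int (*)(struct pfr_buffer *, char *, int, int), int);
char	*pf_strerror(int);
int	 pfi_get_ifaces(const char *, struct pfi_kif *, int *);
int	 pfi_clr_istats(const char *, int *, int);

void	 pfctl_print_title(char *);
int	 pfctl_do_clear_tables(const char *, int);
void	 pfctl_show_tables(const char *, int);
int	 pfctl_table(int, char *[], char *, const char *, char *,
	    const char *, int);
int	 pfctl_show_altq(int, const char *, int, int);
void	 warn_duplicate_tables(const char *, const char *);
void	 pfctl_show_ifaces(const char *, int);
void	 pfctl_show_creators(int);
FILE	*pfctl_fopen(const char *, const char *);

#ifdef __FreeBSD__
extern int altqsupport;
extern int dummynetsupport;
/*
 * In-place host-to-network conversion.  The expansion is a bare assignment
 * that names 'x' twice and is not wrapped in parentheses: use it only as a
 * stand-alone statement on a side-effect-free lvalue.
 */
#define	HTONL(x)		(x) = htonl((__uint32_t)(x))
#endif

/* Fallback values, used only when the macro is not already defined. */
#ifndef DEFAULT_PRIORITY
#define DEFAULT_PRIORITY	1
#endif

#ifndef DEFAULT_QLIMIT
#define DEFAULT_QLIMIT		50
#endif

/*
 * generalized service curve used for admission control
 */
struct segment {
	LIST_ENTRY(segment)	_next;
	double			x, y, d, m;
};
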
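/* Declared here, defined in another translation unit. */
extern int	 loadopt;

int		 check_commit_altq(int, int);
void		 pfaltq_store(struct pf_altq *);
/*
 * Returns a non-const char *.
 * NOTE(review): storage and lifetime of the returned string are not visible
 * from this header -- confirm before keeping the pointer across calls.
 */
char		*rate2str(double);

/* Printing helpers for addresses, hosts and state entries. */
void	 print_addr(struct pf_addr_wrap *, sa_family_t, int);
void	 print_addr_str(sa_family_t, struct pf_addr *);
void	 print_host(struct pf_addr *, u_int16_t p, sa_family_t, int);
void	 print_seq(struct pfctl_state_peer *);
void	 print_state(struct pfctl_state *, int);

int	 pfctl_cmdline_symset(char *);
/* The next three share a struct pfr_buffer argument. */
int	 pfctl_add_trans(struct pfr_buffer *, int, const char *);
u_int32_t
	 pfctl_get_ticket(struct pfr_buffer *, int, const char *);
int	 pfctl_trans(int, struct pfr_buffer *, u_long, int);

/* Ruleset and anchor management for regular rules. */
int	 pf_get_ruleset_number(u_int8_t);
void	 pf_init_ruleset(struct pfctl_ruleset *);
int	 pfctl_anchor_setup(struct pfctl_rule *,
	    const struct pfctl_ruleset *, const char *);
void	 pf_remove_if_empty_ruleset(struct pfctl_ruleset *);
struct pfctl_ruleset	*pf_find_ruleset(const char *);
struct pfctl_ruleset	*pf_find_or_create_ruleset(const char *);
/* Counterparts of the above operating on the pfctl_eth_* types. */
void	 pf_init_eth_ruleset(struct pfctl_eth_ruleset *);
int	 pfctl_eth_anchor_setup(struct pfctl *,
	    struct pfctl_eth_rule *,
	    const struct pfctl_eth_ruleset *, const char *);
struct pfctl_eth_ruleset	*pf_find_or_create_eth_ruleset(const char *);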
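void	 pf_remove_if_empty_eth_ruleset(
	    struct pfctl_eth_ruleset *);

/*
 * Takes a char * followed by a size_t.
 * NOTE(review): presumably the destination buffer and its capacity --
 * confirm callers pass the real size of the buffer, not the string length.
 */
void	 expand_label(char *, size_t, struct pfctl_rule *);

const char *pfctl_proto2name(int);

/*
 * Variadic error reporters.
 * NOTE(review): if the const char * before the ellipsis is a printf-style
 * format, call sites must pass a literal format and route external text
 * through "%s"; a format attribute on these prototypes would let the
 * compiler check that -- confirm against the definitions.
 */
void	 pfctl_err(int, int, const char *, ...);
void	 pfctl_errx(int, int, const char *, ...);

#endif /* _PFCTL_H_ */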