12cef6288SAlexander V. Chernikov /*- 22cef6288SAlexander V. Chernikov * SPDX-License-Identifier: BSD-2-Clause 32cef6288SAlexander V. Chernikov * 42cef6288SAlexander V. Chernikov * Copyright (c) 2023 Alexander V. Chernikov <melifaro@FreeBSD.org> 52cef6288SAlexander V. Chernikov * Copyright (c) 2023 Rubicon Communications, LLC (Netgate) 62cef6288SAlexander V. Chernikov * 72cef6288SAlexander V. Chernikov * Redistribution and use in source and binary forms, with or without 82cef6288SAlexander V. Chernikov * modification, are permitted provided that the following conditions 92cef6288SAlexander V. Chernikov * are met: 102cef6288SAlexander V. Chernikov * 1. Redistributions of source code must retain the above copyright 112cef6288SAlexander V. Chernikov * notice, this list of conditions and the following disclaimer. 122cef6288SAlexander V. Chernikov * 2. Redistributions in binary form must reproduce the above copyright 132cef6288SAlexander V. Chernikov * notice, this list of conditions and the following disclaimer in the 142cef6288SAlexander V. Chernikov * documentation and/or other materials provided with the distribution. 152cef6288SAlexander V. Chernikov * 162cef6288SAlexander V. Chernikov * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 172cef6288SAlexander V. Chernikov * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 182cef6288SAlexander V. Chernikov * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 192cef6288SAlexander V. Chernikov * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 202cef6288SAlexander V. Chernikov * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 212cef6288SAlexander V. Chernikov * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 222cef6288SAlexander V. Chernikov * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 232cef6288SAlexander V. Chernikov * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 242cef6288SAlexander V. Chernikov * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 252cef6288SAlexander V. Chernikov * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 262cef6288SAlexander V. Chernikov * SUCH DAMAGE. 272cef6288SAlexander V. Chernikov * 282cef6288SAlexander V. Chernikov */ 292cef6288SAlexander V. Chernikov 302cef6288SAlexander V. Chernikov #ifndef _NETPFIL_PF_PF_NL_H_ 312cef6288SAlexander V. Chernikov #define _NETPFIL_PF_PF_NL_H_ 322cef6288SAlexander V. Chernikov 332cef6288SAlexander V. Chernikov /* Genetlink family */ 342cef6288SAlexander V. Chernikov #define PFNL_FAMILY_NAME "pfctl" 352cef6288SAlexander V. Chernikov 362cef6288SAlexander V. Chernikov /* available commands */ 372cef6288SAlexander V. Chernikov enum { 382cef6288SAlexander V. Chernikov PFNL_CMD_UNSPEC = 0, 392cef6288SAlexander V. Chernikov PFNL_CMD_GETSTATES = 1, 40a7191e5dSKristof Provost PFNL_CMD_GETCREATORS = 2, 4181647eb6SKristof Provost PFNL_CMD_START = 3, 4281647eb6SKristof Provost PFNL_CMD_STOP = 4, 43ffbf2595SKristof Provost PFNL_CMD_ADDRULE = 5, 4444f323ecSKristof Provost PFNL_CMD_GETRULES = 6, 45777a4702SKristof Provost PFNL_CMD_GETRULE = 7, 46706d465dSKristof Provost PFNL_CMD_CLRSTATES = 8, 47706d465dSKristof Provost PFNL_CMD_KILLSTATES = 9, 48470a2b33SKristof Provost PFNL_CMD_SET_STATUSIF = 10, 495824df8dSKristof Provost PFNL_CMD_GET_STATUS = 11, 509dbbe68bSKristof Provost PFNL_CMD_CLEAR_STATUS = 12, 5171d3c704SKristof Provost PFNL_CMD_NATLOOK = 13, 52c36c90a2SKristof Provost PFNL_CMD_SET_DEBUG = 14, 5330bad751SKristof Provost PFNL_CMD_SET_TIMEOUT = 15, 5430bad751SKristof Provost PFNL_CMD_GET_TIMEOUT = 16, 55d9ab8999SKristof Provost PFNL_CMD_SET_LIMIT = 17, 56d9ab8999SKristof Provost PFNL_CMD_GET_LIMIT = 18, 57ba2a9207SKristof Provost PFNL_CMD_BEGIN_ADDRS = 19, 58d909f06bSKristof Provost PFNL_CMD_ADD_ADDR = 20, 59644b7b5aSKristof Provost PFNL_CMD_GET_ADDRS = 21, 609ae91f59SKristof Provost PFNL_CMD_GET_ADDR = 22, 6125e0f8f9SKristof Provost PFNL_CMD_GET_RULESETS = 23, 6248f5bf8bSKristof Provost PFNL_CMD_GET_RULESET = 24, 639c125336SKristof Provost PFNL_CMD_GET_SRCNODES = 25, 64441d4894SKristof Provost PFNL_CMD_CLEAR_TABLES = 26, 6584a80eaeSKristof Provost PFNL_CMD_ADD_TABLE = 27, 660d2058abSKristof Provost PFNL_CMD_DEL_TABLE = 28, 679e8d2962SKristof Provost PFNL_CMD_GET_TSTATS = 29, 68*b3a68a2eSKristof Provost PFNL_CMD_CLR_TSTATS = 30, 692cef6288SAlexander V. Chernikov __PFNL_CMD_MAX, 702cef6288SAlexander V. Chernikov }; 712cef6288SAlexander V. Chernikov #define PFNL_CMD_MAX (__PFNL_CMD_MAX -1) 722cef6288SAlexander V. Chernikov 732cef6288SAlexander V. Chernikov enum pfstate_key_type_t { 742cef6288SAlexander V. Chernikov PF_STK_UNSPEC, 752cef6288SAlexander V. Chernikov PF_STK_ADDR0 = 1, /* ip */ 762cef6288SAlexander V. Chernikov PF_STK_ADDR1 = 2, /* ip */ 772cef6288SAlexander V. Chernikov PF_STK_PORT0 = 3, /* u16 */ 782cef6288SAlexander V. Chernikov PF_STK_PORT1 = 4, /* u16 */ 79ebe11b46SKristof Provost PF_STK_AF = 5, /* u8 */ 80ebe11b46SKristof Provost PF_STK_PROTO = 6, /* u16 */ 812cef6288SAlexander V. Chernikov }; 822cef6288SAlexander V. Chernikov 832cef6288SAlexander V. Chernikov enum pfstate_peer_type_t { 842cef6288SAlexander V. Chernikov PF_STP_UNSPEC, 852cef6288SAlexander V. Chernikov PF_STP_PFSS_FLAGS = 1, /* u16 */ 862cef6288SAlexander V. Chernikov PF_STP_PFSS_TTL = 2, /* u8 */ 872cef6288SAlexander V. Chernikov PF_STP_SCRUB_FLAG = 3, /* u8 */ 882cef6288SAlexander V. Chernikov PF_STP_PFSS_TS_MOD = 4, /* u32 */ 892cef6288SAlexander V. Chernikov PF_STP_SEQLO = 5, /* u32 */ 902cef6288SAlexander V. Chernikov PF_STP_SEQHI = 6, /* u32 */ 912cef6288SAlexander V. Chernikov PF_STP_SEQDIFF = 7, /* u32 */ 922cef6288SAlexander V. Chernikov PF_STP_MAX_WIN = 8, /* u16 */ 932cef6288SAlexander V. Chernikov PF_STP_MSS = 9, /* u16 */ 942cef6288SAlexander V. Chernikov PF_STP_STATE = 10, /* u8 */ 952cef6288SAlexander V. Chernikov PF_STP_WSCALE = 11, /* u8 */ 962cef6288SAlexander V. Chernikov }; 972cef6288SAlexander V. Chernikov 982cef6288SAlexander V. Chernikov enum pfstate_type_t { 992cef6288SAlexander V. Chernikov PF_ST_UNSPEC, 1002cef6288SAlexander V. Chernikov PF_ST_ID = 1, /* u32, state id */ 1012cef6288SAlexander V. Chernikov PF_ST_CREATORID = 2, /* u32, */ 1022cef6288SAlexander V. Chernikov PF_ST_IFNAME = 3, /* string */ 1032cef6288SAlexander V. Chernikov PF_ST_ORIG_IFNAME = 4, /* string */ 1042cef6288SAlexander V. Chernikov PF_ST_KEY_WIRE = 5, /* nested, pfstate_key_type_t */ 1052cef6288SAlexander V. Chernikov PF_ST_KEY_STACK = 6, /* nested, pfstate_key_type_t */ 1062cef6288SAlexander V. Chernikov PF_ST_PEER_SRC = 7, /* nested, pfstate_peer_type_t*/ 1072cef6288SAlexander V. Chernikov PF_ST_PEER_DST = 8, /* nested, pfstate_peer_type_t */ 1082cef6288SAlexander V. Chernikov PF_ST_RT_ADDR = 9, /* ip */ 1092cef6288SAlexander V. Chernikov PF_ST_RULE = 10, /* u32 */ 1102cef6288SAlexander V. Chernikov PF_ST_ANCHOR = 11, /* u32 */ 1112cef6288SAlexander V. Chernikov PF_ST_NAT_RULE = 12, /* u32 */ 1122cef6288SAlexander V. Chernikov PF_ST_CREATION = 13, /* u32 */ 1132cef6288SAlexander V. Chernikov PF_ST_EXPIRE = 14, /* u32 */ 1142cef6288SAlexander V. Chernikov PF_ST_PACKETS0 = 15, /* u64 */ 1152cef6288SAlexander V. Chernikov PF_ST_PACKETS1 = 16, /* u64 */ 1162cef6288SAlexander V. Chernikov PF_ST_BYTES0 = 17, /* u64 */ 1172cef6288SAlexander V. Chernikov PF_ST_BYTES1 = 18, /* u64 */ 1182cef6288SAlexander V. Chernikov PF_ST_AF = 19, /* u8 */ 1192cef6288SAlexander V. Chernikov PF_ST_PROTO = 21, /* u8 */ 1202cef6288SAlexander V. Chernikov PF_ST_DIRECTION = 22, /* u8 */ 1212cef6288SAlexander V. Chernikov PF_ST_LOG = 23, /* u8 */ 1222cef6288SAlexander V. Chernikov PF_ST_TIMEOUT = 24, /* u8 */ 1232cef6288SAlexander V. Chernikov PF_ST_STATE_FLAGS = 25, /* u8 */ 1242cef6288SAlexander V. Chernikov PF_ST_SYNC_FLAGS = 26, /* u8 */ 1252cef6288SAlexander V. Chernikov PF_ST_UPDATES = 27, /* u8 */ 1262cef6288SAlexander V. Chernikov PF_ST_VERSION = 28, /* u64 */ 127044eef6aSKristof Provost PF_ST_FILTER_ADDR = 29, /* in6_addr */ 128044eef6aSKristof Provost PF_ST_FILTER_MASK = 30, /* in6_addr */ 129881bf881SKristof Provost PF_ST_RTABLEID = 31, /* i32 */ 130881bf881SKristof Provost PF_ST_MIN_TTL = 32, /* u8 */ 131881bf881SKristof Provost PF_ST_MAX_MSS = 33, /* u16 */ 132881bf881SKristof Provost PF_ST_DNPIPE = 34, /* u16 */ 133881bf881SKristof Provost PF_ST_DNRPIPE = 35, /* u16 */ 134881bf881SKristof Provost PF_ST_RT = 36, /* u8 */ 135881bf881SKristof Provost PF_ST_RT_IFNAME = 37, /* string */ 13607e070efSKajetan Staszkiewicz PF_ST_SRC_NODE_FLAGS = 38, /* u8 */ 1372cef6288SAlexander V. Chernikov }; 1382cef6288SAlexander V. Chernikov 139ffbf2595SKristof Provost enum pf_addr_type_t { 140ffbf2595SKristof Provost PF_AT_UNSPEC, 141ffbf2595SKristof Provost PF_AT_ADDR = 1, /* in6_addr */ 142ffbf2595SKristof Provost PF_AT_MASK = 2, /* in6_addr */ 143ffbf2595SKristof Provost PF_AT_IFNAME = 3, /* string */ 144ffbf2595SKristof Provost PF_AT_TABLENAME = 4, /* string */ 145ffbf2595SKristof Provost PF_AT_TYPE = 5, /* u8 */ 146ffbf2595SKristof Provost PF_AT_IFLAGS = 6, /* u8 */ 147777a4702SKristof Provost PF_AT_TBLCNT = 7, /* u32 */ 148777a4702SKristof Provost PF_AT_DYNCNT = 8, /* u32 */ 149ffbf2595SKristof Provost }; 150ffbf2595SKristof Provost 151ffbf2595SKristof Provost enum pfrule_addr_type_t { 152ffbf2595SKristof Provost PF_RAT_UNSPEC, 153ffbf2595SKristof Provost PF_RAT_ADDR = 1, /* nested, pf_addr_type_t */ 154ffbf2595SKristof Provost PF_RAT_SRC_PORT = 2, /* u16 */ 155ffbf2595SKristof Provost PF_RAT_DST_PORT = 3, /* u16 */ 156ffbf2595SKristof Provost PF_RAT_NEG = 4, /* u8 */ 157ffbf2595SKristof Provost PF_RAT_OP = 5, /* u8 */ 158ffbf2595SKristof Provost }; 159ffbf2595SKristof Provost 160ffbf2595SKristof Provost enum pf_labels_type_t { 161ffbf2595SKristof Provost PF_LT_UNSPEC, 162ffbf2595SKristof Provost PF_LT_LABEL = 1, /* string */ 163ffbf2595SKristof Provost }; 164ffbf2595SKristof Provost 165ffbf2595SKristof Provost enum pf_mape_portset_type_t 166ffbf2595SKristof Provost { 167ffbf2595SKristof Provost PF_MET_UNSPEC, 168ffbf2595SKristof Provost PF_MET_OFFSET = 1, /* u8 */ 169ffbf2595SKristof Provost PF_MET_PSID_LEN = 2, /* u8 */ 170ffbf2595SKristof Provost PF_MET_PSID = 3, /* u16 */ 171ffbf2595SKristof Provost }; 172ffbf2595SKristof Provost 173ffbf2595SKristof Provost enum pf_rpool_type_t 174ffbf2595SKristof Provost { 175ffbf2595SKristof Provost PF_PT_UNSPEC, 176ffbf2595SKristof Provost PF_PT_KEY = 1, /* bytes, sizeof(struct pf_poolhashkey) */ 177ffbf2595SKristof Provost PF_PT_COUNTER = 2, /* in6_addr */ 178ffbf2595SKristof Provost PF_PT_TBLIDX = 3, /* u32 */ 179ffbf2595SKristof Provost PF_PT_PROXY_SRC_PORT = 4, /* u16 */ 180ffbf2595SKristof Provost PF_PT_PROXY_DST_PORT = 5, /* u16 */ 181ffbf2595SKristof Provost PF_PT_OPTS = 6, /* u8 */ 182ffbf2595SKristof Provost PF_PT_MAPE = 7, /* nested, pf_mape_portset_type_t */ 183ffbf2595SKristof Provost }; 184ffbf2595SKristof Provost 185ffbf2595SKristof Provost enum pf_timeout_type_t { 186ffbf2595SKristof Provost PF_TT_UNSPEC, 187ffbf2595SKristof Provost PF_TT_TIMEOUT = 1, /* u32 */ 188ffbf2595SKristof Provost }; 189ffbf2595SKristof Provost 190ffbf2595SKristof Provost enum pf_rule_uid_type_t { 191ffbf2595SKristof Provost PF_RUT_UNSPEC, 192ffbf2595SKristof Provost PF_RUT_UID_LOW = 1, /* u32 */ 193ffbf2595SKristof Provost PF_RUT_UID_HIGH = 2, /* u32 */ 194ffbf2595SKristof Provost PF_RUT_OP = 3, /* u8 */ 195ffbf2595SKristof Provost }; 196ffbf2595SKristof Provost 197ffbf2595SKristof Provost enum pf_rule_type_t { 198ffbf2595SKristof Provost PF_RT_UNSPEC, 199ffbf2595SKristof Provost PF_RT_SRC = 1, /* nested, pf_rule_addr_type_t */ 200ffbf2595SKristof Provost PF_RT_DST = 2, /* nested, pf_rule_addr_type_t */ 201ffbf2595SKristof Provost PF_RT_RIDENTIFIER = 3, /* u32 */ 202ffbf2595SKristof Provost PF_RT_LABELS = 4, /* nested, pf_labels_type_t */ 203ffbf2595SKristof Provost PF_RT_IFNAME = 5, /* string */ 204ffbf2595SKristof Provost PF_RT_QNAME = 6, /* string */ 205ffbf2595SKristof Provost PF_RT_PQNAME = 7, /* string */ 206ffbf2595SKristof Provost PF_RT_TAGNAME = 8, /* string */ 207ffbf2595SKristof Provost PF_RT_MATCH_TAGNAME = 9, /* string */ 208ffbf2595SKristof Provost PF_RT_OVERLOAD_TBLNAME = 10, /* string */ 209e11dacbfSKristof Provost PF_RT_RPOOL_RDR = 11, /* nested, pf_rpool_type_t */ 210ffbf2595SKristof Provost PF_RT_OS_FINGERPRINT = 12, /* u32 */ 211ffbf2595SKristof Provost PF_RT_RTABLEID = 13, /* u32 */ 212ffbf2595SKristof Provost PF_RT_TIMEOUT = 14, /* nested, pf_timeout_type_t */ 213ffbf2595SKristof Provost PF_RT_MAX_STATES = 15, /* u32 */ 214ffbf2595SKristof Provost PF_RT_MAX_SRC_NODES = 16, /* u32 */ 215ffbf2595SKristof Provost PF_RT_MAX_SRC_STATES = 17, /* u32 */ 216ffbf2595SKristof Provost PF_RT_MAX_SRC_CONN_RATE_LIMIT = 18, /* u32 */ 217ffbf2595SKristof Provost PF_RT_MAX_SRC_CONN_RATE_SECS = 19, /* u32 */ 218ffbf2595SKristof Provost PF_RT_DNPIPE = 20, /* u16 */ 219ffbf2595SKristof Provost PF_RT_DNRPIPE = 21, /* u16 */ 220ffbf2595SKristof Provost PF_RT_DNFLAGS = 22, /* u32 */ 221ffbf2595SKristof Provost PF_RT_NR = 23, /* u32 */ 222ffbf2595SKristof Provost PF_RT_PROB = 24, /* u32 */ 223ffbf2595SKristof Provost PF_RT_CUID = 25, /* u32 */ 224ffbf2595SKristof Provost PF_RT_CPID = 26, /* u32 */ 225ffbf2595SKristof Provost PF_RT_RETURN_ICMP = 27, /* u16 */ 226ffbf2595SKristof Provost PF_RT_RETURN_ICMP6 = 28, /* u16 */ 227ffbf2595SKristof Provost PF_RT_MAX_MSS = 29, /* u16 */ 228ffbf2595SKristof Provost PF_RT_SCRUB_FLAGS = 30, /* u16 */ 229ffbf2595SKristof Provost PF_RT_UID = 31, /* nested, pf_rule_uid_type_t */ 230ffbf2595SKristof Provost PF_RT_GID = 32, /* nested, pf_rule_uid_type_t */ 231ffbf2595SKristof Provost PF_RT_RULE_FLAG = 33, /* u32 */ 232ffbf2595SKristof Provost PF_RT_ACTION = 34, /* u8 */ 233ffbf2595SKristof Provost PF_RT_DIRECTION = 35, /* u8 */ 234ffbf2595SKristof Provost PF_RT_LOG = 36, /* u8 */ 235ffbf2595SKristof Provost PF_RT_LOGIF = 37, /* u8 */ 236ffbf2595SKristof Provost PF_RT_QUICK = 38, /* u8 */ 237ffbf2595SKristof Provost PF_RT_IF_NOT = 39, /* u8 */ 238ffbf2595SKristof Provost PF_RT_MATCH_TAG_NOT = 40, /* u8 */ 239ffbf2595SKristof Provost PF_RT_NATPASS = 41, /* u8 */ 240ffbf2595SKristof Provost PF_RT_KEEP_STATE = 42, /* u8 */ 241ffbf2595SKristof Provost PF_RT_AF = 43, /* u8 */ 242ffbf2595SKristof Provost PF_RT_PROTO = 44, /* u8 */ 243ffbf2595SKristof Provost PF_RT_TYPE = 45, /* u8 */ 244ffbf2595SKristof Provost PF_RT_CODE = 46, /* u8 */ 245ffbf2595SKristof Provost PF_RT_FLAGS = 47, /* u8 */ 246ffbf2595SKristof Provost PF_RT_FLAGSET = 48, /* u8 */ 247ffbf2595SKristof Provost PF_RT_MIN_TTL = 49, /* u8 */ 248ffbf2595SKristof Provost PF_RT_ALLOW_OPTS = 50, /* u8 */ 249ffbf2595SKristof Provost PF_RT_RT = 51, /* u8 */ 250ffbf2595SKristof Provost PF_RT_RETURN_TTL = 52, /* u8 */ 251ffbf2595SKristof Provost PF_RT_TOS = 53, /* u8 */ 252ffbf2595SKristof Provost PF_RT_SET_TOS = 54, /* u8 */ 253ffbf2595SKristof Provost PF_RT_ANCHOR_RELATIVE = 55, /* u8 */ 254ffbf2595SKristof Provost PF_RT_ANCHOR_WILDCARD = 56, /* u8 */ 255ffbf2595SKristof Provost PF_RT_FLUSH = 57, /* u8 */ 256ffbf2595SKristof Provost PF_RT_PRIO = 58, /* u8 */ 257ffbf2595SKristof Provost PF_RT_SET_PRIO = 59, /* u8 */ 258ffbf2595SKristof Provost PF_RT_SET_PRIO_REPLY = 60, /* u8 */ 259ffbf2595SKristof Provost PF_RT_DIVERT_ADDRESS = 61, /* in6_addr */ 260ffbf2595SKristof Provost PF_RT_DIVERT_PORT = 62, /* u16 */ 261777a4702SKristof Provost PF_RT_PACKETS_IN = 63, /* u64 */ 262777a4702SKristof Provost PF_RT_PACKETS_OUT = 64, /* u64 */ 263777a4702SKristof Provost PF_RT_BYTES_IN = 65, /* u64 */ 264777a4702SKristof Provost PF_RT_BYTES_OUT = 66, /* u64 */ 265777a4702SKristof Provost PF_RT_EVALUATIONS = 67, /* u64 */ 266777a4702SKristof Provost PF_RT_TIMESTAMP = 68, /* u64 */ 267777a4702SKristof Provost PF_RT_STATES_CUR = 69, /* u64 */ 268777a4702SKristof Provost PF_RT_STATES_TOTAL = 70, /* u64 */ 269777a4702SKristof Provost PF_RT_SRC_NODES = 71, /* u64 */ 270777a4702SKristof Provost PF_RT_ANCHOR_CALL = 72, /* string */ 2712339ead6SKristof Provost PF_RT_RCV_IFNAME = 73, /* string */ 2727fe42038SKajetan Staszkiewicz PF_RT_MAX_SRC_CONN = 74, /* u32 */ 273e11dacbfSKristof Provost PF_RT_RPOOL_NAT = 75, /* nested, pf_rpool_type_t */ 274fcdb520cSKristof Provost PF_RT_NAF = 76, /* u8 */ 2750972294eSKristof Provost PF_RT_RPOOL_RT = 77, /* nested, pf_rpool_type_t */ 27667c19da0SKristof Provost PF_RT_RCV_IFNOT = 78, /* bool */ 27707e070efSKajetan Staszkiewicz PF_RT_SRC_NODES_LIMIT = 79, /* u64 */ 27807e070efSKajetan Staszkiewicz PF_RT_SRC_NODES_NAT = 80, /* u64 */ 27907e070efSKajetan Staszkiewicz PF_RT_SRC_NODES_ROUTE = 81, /* u64 */ 280ffbf2595SKristof Provost }; 281ffbf2595SKristof Provost 282ffbf2595SKristof Provost enum pf_addrule_type_t { 283ffbf2595SKristof Provost PF_ART_UNSPEC, 284ffbf2595SKristof Provost PF_ART_TICKET = 1, /* u32 */ 285ffbf2595SKristof Provost PF_ART_POOL_TICKET = 2, /* u32 */ 286ffbf2595SKristof Provost PF_ART_ANCHOR = 3, /* string */ 287ffbf2595SKristof Provost PF_ART_ANCHOR_CALL = 4, /* string */ 288ffbf2595SKristof Provost PF_ART_RULE = 5, /* nested, pfrule_type_t */ 289ffbf2595SKristof Provost }; 290ffbf2595SKristof Provost 29144f323ecSKristof Provost enum pf_getrules_type_t { 29244f323ecSKristof Provost PF_GR_UNSPEC, 29344f323ecSKristof Provost PF_GR_ANCHOR = 1, /* string */ 29444f323ecSKristof Provost PF_GR_ACTION = 2, /* u8 */ 29544f323ecSKristof Provost PF_GR_NR = 3, /* u32 */ 29644f323ecSKristof Provost PF_GR_TICKET = 4, /* u32 */ 297777a4702SKristof Provost PF_GR_CLEAR = 5, /* u8 */ 29844f323ecSKristof Provost }; 29944f323ecSKristof Provost 300706d465dSKristof Provost enum pf_clear_states_type_t { 301706d465dSKristof Provost PF_CS_UNSPEC, 302706d465dSKristof Provost PF_CS_CMP_ID = 1, /* u64 */ 303706d465dSKristof Provost PF_CS_CMP_CREATORID = 2, /* u32 */ 304706d465dSKristof Provost PF_CS_CMP_DIR = 3, /* u8 */ 305706d465dSKristof Provost PF_CS_AF = 4, /* u8 */ 306706d465dSKristof Provost PF_CS_PROTO = 5, /* u8 */ 307706d465dSKristof Provost PF_CS_SRC = 6, /* nested, pf_addr_wrap */ 308706d465dSKristof Provost PF_CS_DST = 7, /* nested, pf_addr_wrap */ 309706d465dSKristof Provost PF_CS_RT_ADDR = 8, /* nested, pf_addr_wrap */ 310706d465dSKristof Provost PF_CS_IFNAME = 9, /* string */ 311706d465dSKristof Provost PF_CS_LABEL = 10, /* string */ 312706d465dSKristof Provost PF_CS_KILL_MATCH = 11, /* bool */ 313706d465dSKristof Provost PF_CS_NAT = 12, /* bool */ 314706d465dSKristof Provost PF_CS_KILLED = 13, /* u32 */ 315706d465dSKristof Provost }; 316706d465dSKristof Provost 317470a2b33SKristof Provost enum pf_set_statusif_types_t { 318470a2b33SKristof Provost PF_SS_UNSPEC, 319470a2b33SKristof Provost PF_SS_IFNAME = 1, /* string */ 320470a2b33SKristof Provost }; 3215824df8dSKristof Provost 3225824df8dSKristof Provost enum pf_counter_types_t { 3235824df8dSKristof Provost PF_C_UNSPEC, 3245824df8dSKristof Provost PF_C_COUNTER = 1, /* u64 */ 3255824df8dSKristof Provost PF_C_NAME = 2, /* string */ 3265824df8dSKristof Provost PF_C_ID = 3, /* u32 */ 3275824df8dSKristof Provost }; 3285824df8dSKristof Provost 3295824df8dSKristof Provost enum pf_get_status_types_t { 3305824df8dSKristof Provost PF_GS_UNSPEC, 3315824df8dSKristof Provost PF_GS_IFNAME = 1, /* string */ 3325824df8dSKristof Provost PF_GS_RUNNING = 2, /* bool */ 3335824df8dSKristof Provost PF_GS_SINCE = 3, /* u32 */ 3345824df8dSKristof Provost PF_GS_DEBUG = 4, /* u32 */ 3355824df8dSKristof Provost PF_GS_HOSTID = 5, /* u32 */ 3365824df8dSKristof Provost PF_GS_STATES = 6, /* u32 */ 3375824df8dSKristof Provost PF_GS_SRC_NODES = 7, /* u32 */ 3385824df8dSKristof Provost PF_GS_REASSEMBLE = 8, /* u32 */ 3395824df8dSKristof Provost PF_GS_SYNCOOKIES_ACTIVE = 9, /* bool */ 3405824df8dSKristof Provost PF_GS_COUNTERS = 10, /* nested, */ 3415824df8dSKristof Provost PF_GS_LCOUNTERS = 11, /* nested, */ 3425824df8dSKristof Provost PF_GS_FCOUNTERS = 12, /* nested, */ 3435824df8dSKristof Provost PF_GS_SCOUNTERS = 13, /* nested, */ 3445824df8dSKristof Provost PF_GS_CHKSUM = 14, /* byte array */ 3455824df8dSKristof Provost PF_GS_PCOUNTERS = 15, /* u64 array */ 3465824df8dSKristof Provost PF_GS_BCOUNTERS = 16, /* u64 array */ 3475824df8dSKristof Provost }; 3485824df8dSKristof Provost 34971d3c704SKristof Provost enum pf_natlook_types_t { 35071d3c704SKristof Provost PF_NL_UNSPEC, 35171d3c704SKristof Provost PF_NL_AF = 1, /* u8 */ 35271d3c704SKristof Provost PF_NL_DIRECTION = 2, /* u8 */ 35371d3c704SKristof Provost PF_NL_PROTO = 3, /* u8 */ 35471d3c704SKristof Provost PF_NL_SRC_ADDR = 4, /* in6_addr */ 35571d3c704SKristof Provost PF_NL_DST_ADDR = 5, /* in6_addr */ 35671d3c704SKristof Provost PF_NL_SRC_PORT = 6, /* u16 */ 35771d3c704SKristof Provost PF_NL_DST_PORT = 7, /* u16 */ 35871d3c704SKristof Provost }; 35971d3c704SKristof Provost 360c36c90a2SKristof Provost enum pf_set_debug_types_t { 361c36c90a2SKristof Provost PF_SD_UNSPEC, 362c36c90a2SKristof Provost PF_SD_LEVEL = 1, /* u32 */ 363c36c90a2SKristof Provost }; 364c36c90a2SKristof Provost 36530bad751SKristof Provost enum pf_timeout_types_t { 36630bad751SKristof Provost PF_TO_UNSPEC, 36730bad751SKristof Provost PF_TO_TIMEOUT = 1, /* u32 */ 36830bad751SKristof Provost PF_TO_SECONDS = 2, /* u32 */ 36930bad751SKristof Provost }; 37030bad751SKristof Provost 371d9ab8999SKristof Provost enum pf_limit_types_t { 372d9ab8999SKristof Provost PF_LI_UNSPEC, 373d9ab8999SKristof Provost PF_LI_INDEX = 1, /* u32 */ 374d9ab8999SKristof Provost PF_LI_LIMIT = 2, /* u32 */ 375d9ab8999SKristof Provost }; 376d9ab8999SKristof Provost 377ba2a9207SKristof Provost enum pf_begin_addrs_types_t { 378ba2a9207SKristof Provost PF_BA_UNSPEC, 379ba2a9207SKristof Provost PF_BA_TICKET = 1, /* u32 */ 380ba2a9207SKristof Provost }; 381ba2a9207SKristof Provost 382d909f06bSKristof Provost enum pf_pool_addr_types_t { 383d909f06bSKristof Provost PF_PA_UNSPEC, 384d909f06bSKristof Provost PF_PA_ADDR = 1, /* nested, pf_addr_wrap */ 385d909f06bSKristof Provost PF_PA_IFNAME = 2, /* string */ 386d909f06bSKristof Provost }; 387d909f06bSKristof Provost 388d909f06bSKristof Provost enum pf_add_addr_types_t { 389d909f06bSKristof Provost PF_AA_UNSPEC, 390d909f06bSKristof Provost PF_AA_ACTION = 1, /* u32 */ 391d909f06bSKristof Provost PF_AA_TICKET = 2, /* u32 */ 392d909f06bSKristof Provost PF_AA_NR = 3, /* u32 */ 393d909f06bSKristof Provost PF_AA_R_NUM = 4, /* u32 */ 394d909f06bSKristof Provost PF_AA_R_ACTION = 5, /* u8 */ 395d909f06bSKristof Provost PF_AA_R_LAST = 6, /* u8 */ 396d909f06bSKristof Provost PF_AA_AF = 7, /* u8 */ 397d909f06bSKristof Provost PF_AA_ANCHOR = 8, /* string */ 398d909f06bSKristof Provost PF_AA_ADDR = 9, /* nested, pf_pooladdr */ 399e11dacbfSKristof Provost PF_AA_WHICH = 10, /* u32 */ 400d909f06bSKristof Provost }; 401d909f06bSKristof Provost 40225e0f8f9SKristof Provost enum pf_get_rulesets_types_t { 40325e0f8f9SKristof Provost PF_RS_UNSPEC, 40425e0f8f9SKristof Provost PF_RS_PATH = 1, /* string */ 40525e0f8f9SKristof Provost PF_RS_NR = 2, /* u32 */ 40648f5bf8bSKristof Provost PF_RS_NAME = 3, /* string */ 40725e0f8f9SKristof Provost }; 40825e0f8f9SKristof Provost 4099c125336SKristof Provost enum pf_threshold_types_t { 4109c125336SKristof Provost PF_TH_UNSPEC, 4119c125336SKristof Provost PF_TH_LIMIT = 1, /* u32 */ 4129c125336SKristof Provost PF_TH_SECONDS = 2, /* u32 */ 4139c125336SKristof Provost PF_TH_COUNT = 3, /* u32 */ 4149c125336SKristof Provost PF_TH_LAST = 4, /* u32 */ 4159c125336SKristof Provost }; 4169c125336SKristof Provost 4179c125336SKristof Provost enum pf_srcnodes_types_t { 4189c125336SKristof Provost PF_SN_UNSPEC, 4199c125336SKristof Provost PF_SN_ADDR = 1, /* nested, pf_addr */ 4209c125336SKristof Provost PF_SN_RADDR = 2, /* nested, pf_addr */ 4219c125336SKristof Provost PF_SN_RULE_NR = 3, /* u32 */ 4229c125336SKristof Provost PF_SN_BYTES_IN = 4, /* u64 */ 4239c125336SKristof Provost PF_SN_BYTES_OUT = 5, /* u64 */ 4249c125336SKristof Provost PF_SN_PACKETS_IN = 6, /* u64 */ 4259c125336SKristof Provost PF_SN_PACKETS_OUT = 7, /* u64 */ 4269c125336SKristof Provost PF_SN_STATES = 8, /* u32 */ 4279c125336SKristof Provost PF_SN_CONNECTIONS = 9, /* u32 */ 4289c125336SKristof Provost PF_SN_AF = 10, /* u8 */ 4299c125336SKristof Provost PF_SN_RULE_TYPE = 11, /* u8 */ 4309c125336SKristof Provost PF_SN_CREATION = 12, /* u64 */ 4319c125336SKristof Provost PF_SN_EXPIRE = 13, /* u64 */ 4329c125336SKristof Provost PF_SN_CONNECTION_RATE = 14, /* nested, pf_threshold */ 433aa69fdf1SKristof Provost PF_SN_NAF = 15, /* u8 */ 43407e070efSKajetan Staszkiewicz PF_SN_NODE_TYPE = 16, /* u8 */ 4359c125336SKristof Provost }; 4369c125336SKristof Provost 437441d4894SKristof Provost enum pf_tables_t { 438441d4894SKristof Provost PF_T_UNSPEC, 439441d4894SKristof Provost PF_T_ANCHOR = 1, /* string */ 440441d4894SKristof Provost PF_T_NAME = 2, /* string */ 441441d4894SKristof Provost PF_T_TABLE_FLAGS = 3, /* u32 */ 442441d4894SKristof Provost PF_T_FLAGS = 4, /* u32 */ 443441d4894SKristof Provost PF_T_NBR_DELETED = 5, /* u32 */ 44484a80eaeSKristof Provost PF_T_NBR_ADDED = 6, /* u32 */ 445441d4894SKristof Provost }; 446441d4894SKristof Provost 4479e8d2962SKristof Provost enum pf_tstats_t { 4489e8d2962SKristof Provost PF_TS_UNSPEC, 4499e8d2962SKristof Provost PF_TS_TABLE = 1, /* nested, pfr_table */ 4509e8d2962SKristof Provost PF_TS_PACKETS = 2, /* u64 array */ 4519e8d2962SKristof Provost PF_TS_BYTES = 3, /* u64 array */ 4529e8d2962SKristof Provost PF_TS_MATCH = 4, /* u64 */ 4539e8d2962SKristof Provost PF_TS_NOMATCH = 5, /* u64 */ 4549e8d2962SKristof Provost PF_TS_TZERO = 6, /* u64 */ 4559e8d2962SKristof Provost PF_TS_CNT = 7, /* u64 */ 4569e8d2962SKristof Provost PF_TS_REFCNT = 8, /* u64 array */ 457*b3a68a2eSKristof Provost PF_TS_NZERO = 9, /* u64 */ 4589e8d2962SKristof Provost }; 4599e8d2962SKristof Provost 4602cef6288SAlexander V. Chernikov #ifdef _KERNEL 4612cef6288SAlexander V. Chernikov 4622cef6288SAlexander V. Chernikov void pf_nl_register(void); 4632cef6288SAlexander V. Chernikov void pf_nl_unregister(void); 4642cef6288SAlexander V. Chernikov 4652cef6288SAlexander V. Chernikov #endif 4662cef6288SAlexander V. Chernikov 4672cef6288SAlexander V. Chernikov #endif 468