15c62ededSKristof Provost /*- 2*4d846d26SWarner Losh * SPDX-License-Identifier: BSD-2-Clause 35c62ededSKristof Provost * 45c62ededSKristof Provost * Copyright (c) 2021 Rubicon Communications, LLC (Netgate) 55c62ededSKristof Provost * 65c62ededSKristof Provost * Redistribution and use in source and binary forms, with or without 75c62ededSKristof Provost * modification, are permitted provided that the following conditions 85c62ededSKristof Provost * are met: 95c62ededSKristof Provost * 1. Redistributions of source code must retain the above copyright 105c62ededSKristof Provost * notice, this list of conditions and the following disclaimer. 115c62ededSKristof Provost * 2. Redistributions in binary form must reproduce the above copyright 125c62ededSKristof Provost * notice, this list of conditions and the following disclaimer in the 135c62ededSKristof Provost * documentation and/or other materials provided with the distribution. 145c62ededSKristof Provost * 155c62ededSKristof Provost * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 165c62ededSKristof Provost * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 175c62ededSKristof Provost * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 185c62ededSKristof Provost * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 195c62ededSKristof Provost * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 205c62ededSKristof Provost * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 215c62ededSKristof Provost * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 225c62ededSKristof Provost * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 235c62ededSKristof Provost * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 245c62ededSKristof Provost * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 255c62ededSKristof Provost * SUCH DAMAGE. 265c62ededSKristof Provost * 275c62ededSKristof Provost */ 285c62ededSKristof Provost #ifndef _PF_NV_H_ 295c62ededSKristof Provost #define _PF_NV_H_ 305c62ededSKristof Provost 315c62ededSKristof Provost #include <sys/nv.h> 323032c353SKristof Provost #include <sys/sdt.h> 333032c353SKristof Provost #include <sys/socket.h> 343032c353SKristof Provost #include <sys/types.h> 353032c353SKristof Provost 363032c353SKristof Provost #include <net/if.h> 373032c353SKristof Provost #include <net/if_var.h> 383032c353SKristof Provost #include <net/pfvar.h> 393032c353SKristof Provost 403032c353SKristof Provost SDT_PROBE_DECLARE(pf, ioctl, function, error); 413032c353SKristof Provost SDT_PROBE_DECLARE(pf, ioctl, nvchk, error); 423032c353SKristof Provost 433032c353SKristof Provost #define ERROUT_FUNCTION(target, x) \ 443032c353SKristof Provost do { \ 453032c353SKristof Provost error = (x); \ 463032c353SKristof Provost SDT_PROBE3(pf, ioctl, function, error, __func__, error, \ 473032c353SKristof Provost __LINE__); \ 483032c353SKristof Provost goto target; \ 493032c353SKristof Provost } while (0) 503032c353SKristof Provost 513032c353SKristof Provost #define PFNV_CHK(x) do { \ 523032c353SKristof Provost error = (x); \ 533032c353SKristof Provost SDT_PROBE2(pf, ioctl, nvchk, error, error, __LINE__); \ 543032c353SKristof Provost if (error != 0) \ 553032c353SKristof Provost goto errout; \ 563032c353SKristof Provost } while (0) 575c62ededSKristof Provost 587c434289SKristof Provost #define PF_NV_DEF_UINT(fnname, type, max) \ 597c434289SKristof Provost int pf_nv ## fnname ## _opt(const nvlist_t *, const char *, \ 607c434289SKristof Provost type *, type); \ 617c434289SKristof Provost int pf_nv ## fnname(const nvlist_t *, const char *, type *); \ 627c434289SKristof Provost int pf_nv ## fnname ## _array(const nvlist_t *, const char *, \ 637c434289SKristof Provost type *,size_t, size_t *); \ 647c434289SKristof Provost void pf_ ## fnname ## _array_nv(nvlist_t *, const char *, \ 657c434289SKristof Provost const type *, size_t); 667c434289SKristof Provost 677c434289SKristof Provost PF_NV_DEF_UINT(uint8, uint8_t, UINT8_MAX); 687c434289SKristof Provost PF_NV_DEF_UINT(uint16, uint16_t, UINT16_MAX); 697c434289SKristof Provost PF_NV_DEF_UINT(uint32, uint32_t, UINT32_MAX); 707c434289SKristof Provost PF_NV_DEF_UINT(uint64, uint64_t, UINT64_MAX); 717c434289SKristof Provost 72776df104SKristof Provost int pf_nvbool(const nvlist_t *, const char *, bool *); 735c62ededSKristof Provost int pf_nvbinary(const nvlist_t *, const char *, void *, size_t); 745c62ededSKristof Provost int pf_nvint(const nvlist_t *, const char *, int *); 755c62ededSKristof Provost int pf_nvstring(const nvlist_t *, const char *, char *, size_t); 765c62ededSKristof Provost 773032c353SKristof Provost /* Translation functions */ 783032c353SKristof Provost 793032c353SKristof Provost int pf_check_rule_addr(const struct pf_rule_addr *); 803032c353SKristof Provost 8102cf67ccSMateusz Guzik nvlist_t *pf_krule_to_nvrule(struct pf_krule *); 823032c353SKristof Provost int pf_nvrule_to_krule(const nvlist_t *, struct pf_krule *); 833032c353SKristof Provost int pf_nvstate_kill_to_kstate_kill(const nvlist_t *, 843032c353SKristof Provost struct pf_kstate_kill *); 85211cddf9SKristof Provost nvlist_t *pf_state_to_nvstate(const struct pf_kstate *); 865c62ededSKristof Provost 87e732e742SKristof Provost nvlist_t *pf_keth_rule_to_nveth_rule(const struct pf_keth_rule *); 88e732e742SKristof Provost int pf_nveth_rule_to_keth_rule(const nvlist_t *, struct pf_keth_rule *); 895c62ededSKristof Provost #endif 90