xref: /titanic_41/usr/src/uts/common/inet/ipf/bpf-ipf.h (revision b3697b90e692e3e5d859fb77d285d4c056d99eda) 
1 /*-
2  * Copyright (c) 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997
3  *	The Regents of the University of California.  All rights reserved.
4  *
5  * This code is derived from the Stanford/CMU enet packet filter,
6  * (net/enet.c) distributed as part of 4.3BSD, and code contributed
7  * to Berkeley by Steven McCanne and Van Jacobson both of Lawrence
8  * Berkeley Laboratory.
9  *
10  * Redistribution and use in source and binary forms, with or without
11  * modification, are permitted provided that the following conditions
12  * are met:
13  * 1. Redistributions of source code must retain the above copyright
14  *    notice, this list of conditions and the following disclaimer.
15  * 2. Redistributions in binary form must reproduce the above copyright
16  *    notice, this list of conditions and the following disclaimer in the
17  *    documentation and/or other materials provided with the distribution.
18  * 3. All advertising materials mentioning features or use of this software
19  *    must display the following acknowledgement:
20  *      This product includes software developed by the University of
21  *      California, Berkeley and its contributors.
22  * 4. Neither the name of the University nor the names of its contributors
23  *    may be used to endorse or promote products derived from this software
24  *    without specific prior written permission.
25  *
26  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
27  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
28  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
29  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
30  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
31  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
32  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
33  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
34  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
35  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
36  * SUCH DAMAGE.
37  *
38  *      @(#)bpf.h       7.1 (Berkeley) 5/7/91
39  *
40  * @(#) $Header: /devel/CVS/IP-Filter/bpf-ipf.h,v 2.1 2002/10/26 12:14:26 darrenr Exp $ (LBL)
41  */
42 
43 #ifndef BPF_MAJOR_VERSION
44 
45 #ifdef __cplusplus
46 extern "C" {
47 #endif
48 
49 /* BSD style release date */
50 #define BPF_RELEASE 199606
51 
52 typedef	int bpf_int32;
53 typedef	u_int bpf_u_int32;
54 
55 /*
56  * Alignment macros.  BPF_WORDALIGN rounds up to the next
57  * even multiple of BPF_ALIGNMENT.
58  */
59 #ifndef __NetBSD__
60 #define BPF_ALIGNMENT sizeof(bpf_int32)
61 #else
62 #define BPF_ALIGNMENT sizeof(long)
63 #endif
64 #define BPF_WORDALIGN(x) (((x)+(BPF_ALIGNMENT-1))&~(BPF_ALIGNMENT-1))
65 
66 #define BPF_MAXINSNS 512
67 #define BPF_MAXBUFSIZE 0x8000
68 #define BPF_MINBUFSIZE 32
69 
70 /*
71  *  Structure for BIOCSETF.
72  */
73 struct bpf_program {
74 	u_int bf_len;
75 	struct bpf_insn *bf_insns;
76 };
77 
78 /*
79  * Struct returned by BIOCGSTATS.
80  */
81 struct bpf_stat {
82 	u_int bs_recv;		/* number of packets received */
83 	u_int bs_drop;		/* number of packets dropped */
84 };
85 
86 /*
87  * Struct return by BIOCVERSION.  This represents the version number of
88  * the filter language described by the instruction encodings below.
89  * bpf understands a program iff kernel_major == filter_major &&
90  * kernel_minor >= filter_minor, that is, if the value returned by the
91  * running kernel has the same major number and a minor number equal
92  * equal to or less than the filter being downloaded.  Otherwise, the
93  * results are undefined, meaning an error may be returned or packets
94  * may be accepted haphazardly.
95  * It has nothing to do with the source code version.
96  */
97 struct bpf_version {
98 	u_short bv_major;
99 	u_short bv_minor;
100 };
101 /* Current version number of filter architecture. */
102 #define BPF_MAJOR_VERSION 1
103 #define BPF_MINOR_VERSION 1
104 
105 /*
106  * BPF ioctls
107  *
108  * The first set is for compatibility with Sun's pcc style
109  * header files.  If your using gcc, we assume that you
110  * have run fixincludes so the latter set should work.
111  */
112 #if (defined(sun) || defined(ibm032)) && !defined(__GNUC__)
113 #define	BIOCGBLEN	_IOR(B,102, u_int)
114 #define	BIOCSBLEN	_IOWR(B,102, u_int)
115 #define	BIOCSETF	_IOW(B,103, struct bpf_program)
116 #define	BIOCFLUSH	_IO(B,104)
117 #define BIOCPROMISC	_IO(B,105)
118 #define	BIOCGDLT	_IOR(B,106, u_int)
119 #define BIOCGETIF	_IOR(B,107, struct ifreq)
120 #define BIOCSETIF	_IOW(B,108, struct ifreq)
121 #define BIOCSRTIMEOUT	_IOW(B,109, struct timeval)
122 #define BIOCGRTIMEOUT	_IOR(B,110, struct timeval)
123 #define BIOCGSTATS	_IOR(B,111, struct bpf_stat)
124 #define BIOCIMMEDIATE	_IOW(B,112, u_int)
125 #define BIOCVERSION	_IOR(B,113, struct bpf_version)
126 #define BIOCSTCPF	_IOW(B,114, struct bpf_program)
127 #define BIOCSUDPF	_IOW(B,115, struct bpf_program)
128 #else
129 #define	BIOCGBLEN	_IOR('B',102, u_int)
130 #define	BIOCSBLEN	_IOWR('B',102, u_int)
131 #define	BIOCSETF	_IOW('B',103, struct bpf_program)
132 #define	BIOCFLUSH	_IO('B',104)
133 #define BIOCPROMISC	_IO('B',105)
134 #define	BIOCGDLT	_IOR('B',106, u_int)
135 #define BIOCGETIF	_IOR('B',107, struct ifreq)
136 #define BIOCSETIF	_IOW('B',108, struct ifreq)
137 #define BIOCSRTIMEOUT	_IOW('B',109, struct timeval)
138 #define BIOCGRTIMEOUT	_IOR('B',110, struct timeval)
139 #define BIOCGSTATS	_IOR('B',111, struct bpf_stat)
140 #define BIOCIMMEDIATE	_IOW('B',112, u_int)
141 #define BIOCVERSION	_IOR('B',113, struct bpf_version)
142 #define BIOCSTCPF	_IOW('B',114, struct bpf_program)
143 #define BIOCSUDPF	_IOW('B',115, struct bpf_program)
144 #endif
145 
146 /*
147  * Structure prepended to each packet.
148  */
149 struct bpf_hdr {
150 	struct timeval	bh_tstamp;	/* time stamp */
151 	bpf_u_int32	bh_caplen;	/* length of captured portion */
152 	bpf_u_int32	bh_datalen;	/* original length of packet */
153 	u_short		bh_hdrlen;	/* length of bpf header (this struct
154 					   plus alignment padding) */
155 };
156 /*
157  * Because the structure above is not a multiple of 4 bytes, some compilers
158  * will insist on inserting padding; hence, sizeof(struct bpf_hdr) won't work.
159  * Only the kernel needs to know about it; applications use bh_hdrlen.
160  */
161 #if defined(KERNEL) || defined(_KERNEL)
162 #define SIZEOF_BPF_HDR 18
163 #endif
164 
165 /*
166  * Data-link level type codes.
167  */
168 
169 /*
170  * These are the types that are the same on all platforms; on other
171  * platforms, a <net/bpf.h> should be supplied that defines the additional
172  * DLT_* codes appropriately for that platform (the BSDs, for example,
173  * should not just pick up this version of "bpf.h"; they should also define
174  * the additional DLT_* codes used by their kernels, as well as the values
175  * defined here - and, if the values they use for particular DLT_ types
176  * differ from those here, they should use their values, not the ones
177  * here).
178  */
179 #define DLT_NULL	0	/* no link-layer encapsulation */
180 #define DLT_EN10MB	1	/* Ethernet (10Mb) */
181 #define DLT_EN3MB	2	/* Experimental Ethernet (3Mb) */
182 #define DLT_AX25	3	/* Amateur Radio AX.25 */
183 #define DLT_PRONET	4	/* Proteon ProNET Token Ring */
184 #define DLT_CHAOS	5	/* Chaos */
185 #define DLT_IEEE802	6	/* IEEE 802 Networks */
186 #define DLT_ARCNET	7	/* ARCNET */
187 #define DLT_SLIP	8	/* Serial Line IP */
188 #define DLT_PPP		9	/* Point-to-point Protocol */
189 #define DLT_FDDI	10	/* FDDI */
190 
191 /*
192  * These are values from the traditional libpcap "bpf.h".
193  * Ports of this to particular platforms should replace these definitions
194  * with the ones appropriate to that platform, if the values are
195  * different on that platform.
196  */
197 #define DLT_ATM_RFC1483	11	/* LLC/SNAP encapsulated atm */
198 #define DLT_RAW		12	/* raw IP */
199 
200 /*
201  * These are values from BSD/OS's "bpf.h".
202  * These are not the same as the values from the traditional libpcap
203  * "bpf.h"; however, these values shouldn't be generated by any
204  * OS other than BSD/OS, so the correct values to use here are the
205  * BSD/OS values.
206  *
207  * Platforms that have already assigned these values to other
208  * DLT_ codes, however, should give these codes the values
209  * from that platform, so that programs that use these codes will
210  * continue to compile - even though they won't correctly read
211  * files of these types.
212  */
213 #ifdef __NetBSD__
214 #ifndef DLT_SLIP_BSDOS
215 #define DLT_SLIP_BSDOS	13	/* BSD/OS Serial Line IP */
216 #define DLT_PPP_BSDOS	14	/* BSD/OS Point-to-point Protocol */
217 #endif
218 #else
219 #define DLT_SLIP_BSDOS	15	/* BSD/OS Serial Line IP */
220 #define DLT_PPP_BSDOS	16	/* BSD/OS Point-to-point Protocol */
221 #endif
222 
223 #define DLT_ATM_CLIP	19	/* Linux Classical-IP over ATM */
224 
225 /*
226  * These values are defined by NetBSD; other platforms should refrain from
227  * using them for other purposes, so that NetBSD savefiles with link
228  * types of 50 or 51 can be read as this type on all platforms.
229  */
230 #define DLT_PPP_SERIAL	50	/* PPP over serial with HDLC encapsulation */
231 #define DLT_PPP_ETHER	51	/* PPP over Ethernet */
232 
233 /*
234  * Values between 100 and 103 are used in capture file headers as
235  * link-layer types corresponding to DLT_ types that differ
236  * between platforms; don't use those values for new DLT_ new types.
237  */
238 
239 /*
240  * This value was defined by libpcap 0.5; platforms that have defined
241  * it with a different value should define it here with that value -
242  * a link type of 104 in a save file will be mapped to DLT_C_HDLC,
243  * whatever value that happens to be, so programs will correctly
244  * handle files with that link type regardless of the value of
245  * DLT_C_HDLC.
246  *
247  * The name DLT_C_HDLC was used by BSD/OS; we use that name for source
248  * compatibility with programs written for BSD/OS.
249  *
250  * libpcap 0.5 defined it as DLT_CHDLC; we define DLT_CHDLC as well,
251  * for source compatibility with programs written for libpcap 0.5.
252  */
253 #define DLT_C_HDLC	104	/* Cisco HDLC */
254 #define DLT_CHDLC	DLT_C_HDLC
255 
256 #define DLT_IEEE802_11	105	/* IEEE 802.11 wireless */
257 
258 /*
259  * Values between 106 and 107 are used in capture file headers as
260  * link-layer types corresponding to DLT_ types that might differ
261  * between platforms; don't use those values for new DLT_ new types.
262  */
263 
264 /*
265  * OpenBSD DLT_LOOP, for loopback devices; it's like DLT_NULL, except
266  * that the AF_ type in the link-layer header is in network byte order.
267  *
268  * OpenBSD defines it as 12, but that collides with DLT_RAW, so we
269  * define it as 108 here.  If OpenBSD picks up this file, it should
270  * define DLT_LOOP as 12 in its version, as per the comment above -
271  * and should not use 108 as a DLT_ value.
272  */
273 #define DLT_LOOP	108
274 
275 /*
276  * Values between 109 and 112 are used in capture file headers as
277  * link-layer types corresponding to DLT_ types that might differ
278  * between platforms; don't use those values for new DLT_ types
279  * other than the corresponding DLT_ types.
280  */
281 
282 /*
283  * This is for Linux cooked sockets.
284  */
285 #define DLT_LINUX_SLL	113
286 
287 /*
288  * Apple LocalTalk hardware.
289  */
290 #define DLT_LTALK	114
291 
292 /*
293  * Acorn Econet.
294  */
295 #define DLT_ECONET	115
296 
297 /*
298  * Reserved for use with OpenBSD ipfilter.
299  */
300 #define DLT_IPFILTER	116
301 
302 /*
303  * Reserved for use in capture-file headers as a link-layer type
304  * corresponding to OpenBSD DLT_PFLOG; DLT_PFLOG is 17 in OpenBSD,
305  * but that's DLT_LANE8023 in SuSE 6.3, so we can't use 17 for it
306  * in capture-file headers.
307  */
308 #define DLT_PFLOG	117
309 
310 /*
311  * Registered for Cisco-internal use.
312  */
313 #define DLT_CISCO_IOS	118
314 
315 /*
316  * Reserved for 802.11 cards using the Prism II chips, with a link-layer
317  * header including Prism monitor mode information plus an 802.11
318  * header.
319  */
320 #define DLT_PRISM_HEADER	119
321 
322 /*
323  * Reserved for Aironet 802.11 cards, with an Aironet link-layer header
324  * (see Doug Ambrisko's FreeBSD patches).
325  */
326 #define DLT_AIRONET_HEADER	120
327 
328 /*
329  * Reserved for Siemens HiPath HDLC.
330  */
331 #define DLT_HHDLC		121
332 
333 /*
334  * Reserved for RFC 2625 IP-over-Fibre Channel, as per a request from
335  * Don Lee <donlee@cray.com>.
336  *
337  * This is not for use with raw Fibre Channel, where the link-layer
338  * header starts with a Fibre Channel frame header; it's for IP-over-FC,
339  * where the link-layer header starts with an RFC 2625 Network_Header
340  * field.
341  */
342 #define DLT_IP_OVER_FC		122
343 
344 /*
345  * The instruction encodings.
346  */
347 /* instruction classes */
348 #define BPF_CLASS(code) ((code) & 0x07)
349 #define		BPF_LD		0x00
350 #define		BPF_LDX		0x01
351 #define		BPF_ST		0x02
352 #define		BPF_STX		0x03
353 #define		BPF_ALU		0x04
354 #define		BPF_JMP		0x05
355 #define		BPF_RET		0x06
356 #define		BPF_MISC	0x07
357 
358 /* ld/ldx fields */
359 #define BPF_SIZE(code)	((code) & 0x18)
360 #define		BPF_W		0x00
361 #define		BPF_H		0x08
362 #define		BPF_B		0x10
363 #define BPF_MODE(code)	((code) & 0xe0)
364 #define		BPF_IMM 	0x00
365 #define		BPF_ABS		0x20
366 #define		BPF_IND		0x40
367 #define		BPF_MEM		0x60
368 #define		BPF_LEN		0x80
369 #define		BPF_MSH		0xa0
370 
371 /* alu/jmp fields */
372 #define BPF_OP(code)	((code) & 0xf0)
373 #define		BPF_ADD		0x00
374 #define		BPF_SUB		0x10
375 #define		BPF_MUL		0x20
376 #define		BPF_DIV		0x30
377 #define		BPF_OR		0x40
378 #define		BPF_AND		0x50
379 #define		BPF_LSH		0x60
380 #define		BPF_RSH		0x70
381 #define		BPF_NEG		0x80
382 #define		BPF_JA		0x00
383 #define		BPF_JEQ		0x10
384 #define		BPF_JGT		0x20
385 #define		BPF_JGE		0x30
386 #define		BPF_JSET	0x40
387 #define BPF_SRC(code)	((code) & 0x08)
388 #define		BPF_K		0x00
389 #define		BPF_X		0x08
390 
391 /* ret - BPF_K and BPF_X also apply */
392 #define BPF_RVAL(code)	((code) & 0x18)
393 #define		BPF_A		0x10
394 
395 /* misc */
396 #define BPF_MISCOP(code) ((code) & 0xf8)
397 #define		BPF_TAX		0x00
398 #define		BPF_TXA		0x80
399 
400 /*
401  * The instruction data structure.
402  */
403 struct bpf_insn {
404 	u_short	code;
405 	u_char 	jt;
406 	u_char 	jf;
407 	bpf_int32 k;
408 };
409 
410 /*
411  * Macros for insn array initializers.
412  */
413 #define BPF_STMT(code, k) { (u_short)(code), 0, 0, k }
414 #define BPF_JUMP(code, k, jt, jf) { (u_short)(code), jt, jf, k }
415 
416 #if defined(BSD) && (defined(KERNEL) || defined(_KERNEL))
417 /*
418  * Systems based on non-BSD kernels don't have ifnet's (or they don't mean
419  * anything if it is in <net/if.h>) and won't work like this.
420  */
421 # if __STDC__
422 extern void bpf_tap(struct ifnet *, u_char *, u_int);
423 extern void bpf_mtap(struct ifnet *, struct mbuf *);
424 extern void bpfattach(struct ifnet *, u_int, u_int);
425 extern void bpfilterattach(int);
426 # else
427 extern void bpf_tap();
428 extern void bpf_mtap();
429 extern void bpfattach();
430 extern void bpfilterattach();
431 # endif /* __STDC__ */
432 #endif /* BSD && (_KERNEL || KERNEL) */
433 #if __STDC__ || defined(__cplusplus)
434 extern int bpf_validate(struct bpf_insn *, int);
435 extern u_int bpf_filter(struct bpf_insn *, u_char *, u_int, u_int);
436 #else
437 extern int bpf_validate();
438 extern u_int bpf_filter();
439 #endif
440 
441 /*
442  * Number of scratch memory words (for BPF_LD|BPF_MEM and BPF_ST).
443  */
444 #define BPF_MEMWORDS 16
445 
446 #ifdef __cplusplus
447 }
448 #endif
449 
450 #endif
451