xref: /titanic_44/usr/src/uts/common/inet/ipf/ipf.h (revision fd48ee9d3ac0b670085f2c9cbfb9e810ea509cc4) 
1ab25eeb5Syz155240 /*
2ab25eeb5Syz155240  * Copyright (C) 1993-2001, 2003 by Darren Reed.
3ab25eeb5Syz155240  *
4ab25eeb5Syz155240  * See the IPFILTER.LICENCE file for details on licencing.
5ab25eeb5Syz155240  *
6ab25eeb5Syz155240  * @(#)ipf.h	1.12 6/5/96
7ab25eeb5Syz155240  * $Id: ipf.h,v 2.71.2.7 2005/06/12 07:18:31 darrenr Exp $
8ab25eeb5Syz155240  *
923a1cceaSRoger A. Faulkner  * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
10ab25eeb5Syz155240  */
11ab25eeb5Syz155240 
12ab25eeb5Syz155240 #ifndef	__IPF_H__
13ab25eeb5Syz155240 #define	__IPF_H__
14ab25eeb5Syz155240 
15ab25eeb5Syz155240 #if defined(__osf__)
16ab25eeb5Syz155240 # define radix_mask ipf_radix_mask
17ab25eeb5Syz155240 # define radix_node ipf_radix_node
18ab25eeb5Syz155240 # define radix_node_head ipf_radix_node_head
19ab25eeb5Syz155240 #endif
20ab25eeb5Syz155240 
21ab25eeb5Syz155240 #include <sys/param.h>
22ab25eeb5Syz155240 #include <sys/types.h>
23ab25eeb5Syz155240 #include <sys/file.h>
24ab25eeb5Syz155240 /*
25ab25eeb5Syz155240  * This is a workaround for <sys/uio.h> troubles on FreeBSD, HPUX, OpenBSD.
26ab25eeb5Syz155240  * Needed here because on some systems <sys/uio.h> gets included by things
27ab25eeb5Syz155240  * like <sys/socket.h>
28ab25eeb5Syz155240  */
29ab25eeb5Syz155240 #ifndef _KERNEL
30ab25eeb5Syz155240 # define ADD_KERNEL
31ab25eeb5Syz155240 # define _KERNEL
32ab25eeb5Syz155240 # define KERNEL
33ab25eeb5Syz155240 #endif
34ab25eeb5Syz155240 #ifdef __OpenBSD__
35ab25eeb5Syz155240 struct file;
36ab25eeb5Syz155240 #endif
37ab25eeb5Syz155240 #include <sys/uio.h>
38ab25eeb5Syz155240 #ifdef ADD_KERNEL
39ab25eeb5Syz155240 # undef _KERNEL
40ab25eeb5Syz155240 # undef KERNEL
41ab25eeb5Syz155240 #endif
42ab25eeb5Syz155240 #include <sys/time.h>
43ab25eeb5Syz155240 #include <sys/socket.h>
44ab25eeb5Syz155240 #include <net/if.h>
45ab25eeb5Syz155240 #if __FreeBSD_version >= 300000
46ab25eeb5Syz155240 # include <net/if_var.h>
47ab25eeb5Syz155240 #endif
48ab25eeb5Syz155240 #include <netinet/in.h>
49ab25eeb5Syz155240 #include <netinet/in_systm.h>
50ab25eeb5Syz155240 #include <netinet/ip.h>
51ab25eeb5Syz155240 #include <netinet/ip_icmp.h>
52ab25eeb5Syz155240 #ifndef	TCP_PAWS_IDLE	/* IRIX */
53ab25eeb5Syz155240 # include <netinet/tcp.h>
54ab25eeb5Syz155240 #endif
55ab25eeb5Syz155240 #include <netinet/udp.h>
56ab25eeb5Syz155240 
57ab25eeb5Syz155240 #include <arpa/inet.h>
58ab25eeb5Syz155240 
59ab25eeb5Syz155240 #include <errno.h>
60ab25eeb5Syz155240 #include <limits.h>
61ab25eeb5Syz155240 #include <netdb.h>
62ab25eeb5Syz155240 #include <stdlib.h>
63ab25eeb5Syz155240 #include <stddef.h>
64ab25eeb5Syz155240 #include <stdio.h>
65ab25eeb5Syz155240 #if !defined(__SVR4) && !defined(__svr4__) && defined(sun)
66ab25eeb5Syz155240 # include <strings.h>
67ab25eeb5Syz155240 #endif
68ab25eeb5Syz155240 #include <string.h>
69ab25eeb5Syz155240 #include <unistd.h>
70ab25eeb5Syz155240 
71f4b3ec61Sdh155122 #include "netinet/ipf_stack.h"
72ab25eeb5Syz155240 #include "netinet/ip_compat.h"
73ab25eeb5Syz155240 #include "netinet/ip_fil.h"
74ab25eeb5Syz155240 #include "netinet/ip_nat.h"
75ab25eeb5Syz155240 #include "netinet/ip_frag.h"
76ab25eeb5Syz155240 #include "netinet/ip_state.h"
77ab25eeb5Syz155240 #include "netinet/ip_proxy.h"
78ab25eeb5Syz155240 #include "netinet/ip_auth.h"
79ab25eeb5Syz155240 #include "netinet/ip_lookup.h"
80ab25eeb5Syz155240 #include "netinet/ip_pool.h"
81ab25eeb5Syz155240 #ifdef IPFILTER_SCAN
82ab25eeb5Syz155240 #include "netinet/ip_scan.h"
83ab25eeb5Syz155240 #endif
84ab25eeb5Syz155240 #include "netinet/ip_htable.h"
85ab25eeb5Syz155240 #ifdef IPFILTER_SYNC
86ab25eeb5Syz155240 #include "netinet/ip_sync.h"
87ab25eeb5Syz155240 #endif
88ab25eeb5Syz155240 
89ab25eeb5Syz155240 #include "opts.h"
90ab25eeb5Syz155240 
91ab25eeb5Syz155240 #ifndef __P
92ab25eeb5Syz155240 # ifdef __STDC__
93ab25eeb5Syz155240 #  define	__P(x)	x
94ab25eeb5Syz155240 # else
95ab25eeb5Syz155240 #  define	__P(x)	()
96ab25eeb5Syz155240 # endif
97ab25eeb5Syz155240 #endif
98ab25eeb5Syz155240 #ifndef __STDC__
99ab25eeb5Syz155240 # undef		const
100ab25eeb5Syz155240 # define	const
101ab25eeb5Syz155240 #endif
102ab25eeb5Syz155240 
103ab25eeb5Syz155240 #ifndef	U_32_T
104ab25eeb5Syz155240 # define	U_32_T	1
105ab25eeb5Syz155240 # if defined(__NetBSD__) || defined(__OpenBSD__) || defined(__FreeBSD__) || \
106ab25eeb5Syz155240     defined(__sgi)
107ab25eeb5Syz155240 typedef	u_int32_t	u_32_t;
108ab25eeb5Syz155240 # else
109ab25eeb5Syz155240 #  if defined(__alpha__) || defined(__alpha) || defined(_LP64)
110ab25eeb5Syz155240 typedef unsigned int	u_32_t;
111ab25eeb5Syz155240 #  else
112ab25eeb5Syz155240 #   if SOLARIS2 >= 6
113ab25eeb5Syz155240 typedef uint32_t	u_32_t;
114ab25eeb5Syz155240 #   else
115ab25eeb5Syz155240 typedef unsigned int	u_32_t;
116ab25eeb5Syz155240 #   endif
117ab25eeb5Syz155240 #  endif
118ab25eeb5Syz155240 # endif /* __NetBSD__ || __OpenBSD__ || __FreeBSD__ || __sgi */
119ab25eeb5Syz155240 #endif /* U_32_T */
120ab25eeb5Syz155240 
121ab25eeb5Syz155240 #ifndef	MAXHOSTNAMELEN
122ab25eeb5Syz155240 # define	MAXHOSTNAMELEN	256
123ab25eeb5Syz155240 #endif
124ab25eeb5Syz155240 
125ab25eeb5Syz155240 #define	MAX_ICMPCODE	16
126ab25eeb5Syz155240 #define	MAX_ICMPTYPE	19
127ab25eeb5Syz155240 
128ab25eeb5Syz155240 
129ab25eeb5Syz155240 struct	ipopt_names	{
130ab25eeb5Syz155240 	int	on_value;
131ab25eeb5Syz155240 	int	on_bit;
132ab25eeb5Syz155240 	int	on_siz;
133ab25eeb5Syz155240 	char	*on_name;
134ab25eeb5Syz155240 };
135ab25eeb5Syz155240 
136ab25eeb5Syz155240 
137ab25eeb5Syz155240 typedef struct  alist_s {
138ab25eeb5Syz155240 	struct	alist_s	*al_next;
139ab25eeb5Syz155240 	int		al_not;
140ab25eeb5Syz155240 	sa_family_t	al_family;
141ab25eeb5Syz155240 	i6addr_t	al_i6addr;
142ab25eeb5Syz155240 	i6addr_t	al_i6mask;
143ab25eeb5Syz155240 } alist_t;
144ab25eeb5Syz155240 
145ab25eeb5Syz155240 #define	al_addr	al_i6addr.in4_addr
146ab25eeb5Syz155240 #define	al_mask	al_i6mask.in4_addr
147ab25eeb5Syz155240 #define	al_1	al_addr
148ab25eeb5Syz155240 #define	al_2	al_mask
149ab25eeb5Syz155240 
150ab25eeb5Syz155240 
151ab25eeb5Syz155240 typedef	struct	{
152ab25eeb5Syz155240 	u_short	fb_c;
153ab25eeb5Syz155240 	u_char	fb_t;
154ab25eeb5Syz155240 	u_char	fb_f;
155ab25eeb5Syz155240 	u_32_t	fb_k;
156ab25eeb5Syz155240 } fakebpf_t;
157ab25eeb5Syz155240 
158ab25eeb5Syz155240 
159ab25eeb5Syz155240 #if defined(__NetBSD__) || defined(__OpenBSD__) || \
160ab25eeb5Syz155240 	(_BSDI_VERSION >= 199701) || (__FreeBSD_version >= 300000) || \
161*fd48ee9dSToomas Soome 	defined(SOLARIS) || defined(__sgi) || defined(__osf__) || \
162*fd48ee9dSToomas Soome 	defined(linux)
163ab25eeb5Syz155240 # include <stdarg.h>
164ab25eeb5Syz155240 typedef	int	(* ioctlfunc_t) __P((int, ioctlcmd_t, ...));
165ab25eeb5Syz155240 #else
166ab25eeb5Syz155240 typedef	int	(* ioctlfunc_t) __P((dev_t, ioctlcmd_t, void *));
167ab25eeb5Syz155240 #endif
168ab25eeb5Syz155240 typedef	void	(* addfunc_t) __P((int, ioctlfunc_t, void *));
169ab25eeb5Syz155240 typedef	int	(* copyfunc_t) __P((void *, void *, size_t));
170ab25eeb5Syz155240 
171ab25eeb5Syz155240 
172ab25eeb5Syz155240 /*
173ab25eeb5Syz155240  * SunOS4
174ab25eeb5Syz155240  */
175ab25eeb5Syz155240 #if defined(sun) && !defined(__SVR4) && !defined(__svr4__)
176ab25eeb5Syz155240 extern	int	ioctl __P((int, int, void *));
177ab25eeb5Syz155240 #endif
178ab25eeb5Syz155240 
179ab25eeb5Syz155240 extern	char	thishost[];
180ab25eeb5Syz155240 extern	char	flagset[];
181ab25eeb5Syz155240 extern	u_char	flags[];
182ab25eeb5Syz155240 extern	struct ipopt_names ionames[];
183ab25eeb5Syz155240 extern	struct ipopt_names secclass[];
184ab25eeb5Syz155240 extern	char	*icmpcodes[MAX_ICMPCODE + 1];
185ab25eeb5Syz155240 extern	char	*icmptypes[MAX_ICMPTYPE + 1];
186ab25eeb5Syz155240 extern	int	use_inet6;
187ab25eeb5Syz155240 extern	int	lineNum;
188ab25eeb5Syz155240 extern	struct ipopt_names v6ionames[];
189ab25eeb5Syz155240 
190ab25eeb5Syz155240 
191ab25eeb5Syz155240 extern int addicmp __P((char ***, struct frentry *, int));
192ab25eeb5Syz155240 extern int addipopt __P((char *, struct ipopt_names *, int, char *));
193ab25eeb5Syz155240 extern int addkeep __P((char ***, struct frentry *, int));
194ab25eeb5Syz155240 extern int bcopywrap __P((void *, void *, size_t));
195ab25eeb5Syz155240 extern void binprint __P((void *, size_t));
196ab25eeb5Syz155240 extern void initparse __P((void));
197ab25eeb5Syz155240 extern u_32_t buildopts __P((char *, char *, int));
198ab25eeb5Syz155240 extern int checkrev __P((char *));
199ab25eeb5Syz155240 extern int count6bits __P((u_32_t *));
200ab25eeb5Syz155240 extern int count4bits __P((u_32_t));
201ab25eeb5Syz155240 extern int extras __P((char ***, struct frentry *, int));
202ab25eeb5Syz155240 extern char *fac_toname __P((int));
203ab25eeb5Syz155240 extern int fac_findname __P((char *));
204ab25eeb5Syz155240 extern void fill6bits __P((int, u_int *));
2059b4c7145Sjojemann extern int gethost __P((char *, i6addr_t *, int));
206ab25eeb5Syz155240 extern int getport __P((struct frentry *, char *, u_short *));
207ab25eeb5Syz155240 extern int getportproto __P((char *, int));
208ab25eeb5Syz155240 extern int getproto __P((char *));
20923a1cceaSRoger A. Faulkner extern char *getaline __P((char *, size_t, FILE *, int *));
210ab25eeb5Syz155240 extern int genmask __P((char *, u_32_t *));
211f4b3ec61Sdh155122 extern char *getnattype __P((struct nat *, int));
212ab25eeb5Syz155240 extern char *getsumd __P((u_32_t));
213ab25eeb5Syz155240 extern u_32_t getoptbyname __P((char *));
214ab25eeb5Syz155240 extern u_32_t getoptbyvalue __P((int));
215ab25eeb5Syz155240 extern u_32_t getv6optbyname __P((char *));
216ab25eeb5Syz155240 extern u_32_t getv6optbyvalue __P((int));
217ab25eeb5Syz155240 extern void hexdump __P((FILE *, void *, int, int));
218ab25eeb5Syz155240 extern int icmpcode __P((char *));
219ab25eeb5Syz155240 extern void initparse __P((void));
220ab25eeb5Syz155240 extern void ipf_dotuning __P((int, char *, ioctlfunc_t));
221ab25eeb5Syz155240 extern void ipf_addrule __P((int, ioctlfunc_t, void *));
222ab25eeb5Syz155240 extern int ipf_parsefile __P((int, addfunc_t, ioctlfunc_t *, char *));
223ab25eeb5Syz155240 extern int ipf_parsesome __P((int, addfunc_t, ioctlfunc_t *, FILE *));
224ab25eeb5Syz155240 extern int ipmon_parsefile __P((char *));
225ab25eeb5Syz155240 extern int ipmon_parsesome __P((FILE *));
226ab25eeb5Syz155240 extern void ipnat_addrule __P((int, ioctlfunc_t, void *));
227ab25eeb5Syz155240 extern int ipnat_parsefile __P((int, addfunc_t, ioctlfunc_t, char *));
228ab25eeb5Syz155240 extern int ipnat_parsesome __P((int, addfunc_t, ioctlfunc_t, FILE *));
229ab25eeb5Syz155240 extern int ippool_parsefile __P((int, char *, ioctlfunc_t));
230ab25eeb5Syz155240 extern int ippool_parsesome __P((int, FILE *, ioctlfunc_t));
231ab25eeb5Syz155240 extern int kmemcpywrap __P((void *, void *, size_t));
232ab25eeb5Syz155240 extern char *kvatoname __P((ipfunc_t, ioctlfunc_t));
233ab25eeb5Syz155240 extern int load_hash __P((struct iphtable_s *, struct iphtent_s *,
234ab25eeb5Syz155240 			  ioctlfunc_t));
235ab25eeb5Syz155240 extern int load_hashnode __P((int, char *, struct iphtent_s *, ioctlfunc_t));
236ab25eeb5Syz155240 extern int load_pool __P((struct ip_pool_s *list, ioctlfunc_t));
237ab25eeb5Syz155240 extern int load_poolnode __P((int, char *, ip_pool_node_t *, ioctlfunc_t));
238ab25eeb5Syz155240 extern int loglevel __P((char **, u_int *, int));
239ab25eeb5Syz155240 extern alist_t *make_range __P((int, struct in_addr, struct in_addr));
240ab25eeb5Syz155240 extern ipfunc_t nametokva __P((char *, ioctlfunc_t));
241ab25eeb5Syz155240 extern void nat_setgroupmap __P((struct ipnat *));
242ab25eeb5Syz155240 extern int ntomask __P((int, int, u_32_t *));
243ab25eeb5Syz155240 extern u_32_t optname __P((char ***, u_short *, int));
244ab25eeb5Syz155240 extern struct frentry *parse __P((char *, int));
245ab25eeb5Syz155240 extern char *portname __P((int, int));
246ab25eeb5Syz155240 extern int portnum __P((char *, char *, u_short *, int));
247ab25eeb5Syz155240 extern int ports __P((char ***, char *, u_short *, int *, u_short *, int));
248ab25eeb5Syz155240 extern int pri_findname __P((char *));
249ab25eeb5Syz155240 extern char *pri_toname __P((int));
250ab25eeb5Syz155240 extern void print_toif __P((char *, struct frdest *));
251d6c23f6fSyx160601 extern void printaddr __P((int, int, char *, u_32_t *, u_32_t *));
252ab25eeb5Syz155240 extern void printaps __P((ap_session_t *, int));
253ab25eeb5Syz155240 extern void printbuf __P((char *, int, int));
254ab25eeb5Syz155240 extern void printfr __P((struct frentry *, ioctlfunc_t));
255f4b3ec61Sdh155122 extern struct iphtable_s *printhash_live __P((struct iphtable_s *, int, char*, int));
256f4b3ec61Sdh155122 extern void printhashdata __P((struct iphtable_s *, int));
257ab25eeb5Syz155240 extern void printtunable __P((ipftune_t *));
258ab25eeb5Syz155240 extern struct iphtable_s *printhash __P((struct iphtable_s *, copyfunc_t,
259ab25eeb5Syz155240 					 char *, int));
260ab25eeb5Syz155240 extern struct iphtent_s *printhashnode __P((struct iphtable_s *,
261ab25eeb5Syz155240 					    struct iphtent_s *,
262ab25eeb5Syz155240 					    copyfunc_t, int));
263ab25eeb5Syz155240 extern void printhostmask __P((int, u_32_t *, u_32_t *));
264ab25eeb5Syz155240 extern void printip __P((u_32_t *));
265ab25eeb5Syz155240 extern void printlog __P((struct frentry *));
266ab25eeb5Syz155240 extern void printlookup __P((i6addr_t *addr, i6addr_t *mask));
267ab25eeb5Syz155240 extern void printmask __P((int, u_32_t *));
268ab25eeb5Syz155240 extern void printpacket __P((struct ip *));
269ab25eeb5Syz155240 extern void printpacket6 __P((struct ip *));
270ab25eeb5Syz155240 extern struct ip_pool_s *printpool __P((struct ip_pool_s *, copyfunc_t,
271ab25eeb5Syz155240 					char *, int));
272f4b3ec61Sdh155122 extern struct ip_pool_s *printpool_live __P((struct ip_pool_s *, int, char*, int));
273f4b3ec61Sdh155122 extern void printpooldata __P((struct ip_pool_s *, int));
274ab25eeb5Syz155240 extern struct ip_pool_node *printpoolnode __P((struct ip_pool_node *, int));
275ab25eeb5Syz155240 extern void printproto __P((struct protoent *, int, struct ipnat *));
276ab25eeb5Syz155240 extern void printportcmp __P((int, struct frpcmp *));
277ab25eeb5Syz155240 extern void optprint __P((u_short *, u_long, u_long));
278ab25eeb5Syz155240 #ifdef	USE_INET6
279ab25eeb5Syz155240 extern void optprintv6 __P((u_short *, u_long, u_long));
280ab25eeb5Syz155240 #endif
281ab25eeb5Syz155240 extern int ratoi __P((char *, int *, int, int));
282ab25eeb5Syz155240 extern int ratoui __P((char *, u_int *, u_int, u_int));
283ab25eeb5Syz155240 extern int remove_hash __P((struct iphtable_s *, ioctlfunc_t));
284ab25eeb5Syz155240 extern int remove_hashnode __P((int, char *, struct iphtent_s *, ioctlfunc_t));
285ab25eeb5Syz155240 extern int remove_pool __P((ip_pool_t *, ioctlfunc_t));
286ab25eeb5Syz155240 extern int remove_poolnode __P((int, char *, ip_pool_node_t *, ioctlfunc_t));
287ab25eeb5Syz155240 extern u_char tcp_flags __P((char *, u_char *, int));
288ab25eeb5Syz155240 extern u_char tcpflags __P((char *));
289ab25eeb5Syz155240 extern void printc __P((struct frentry *));
290ab25eeb5Syz155240 extern void printC __P((int));
291ab25eeb5Syz155240 extern void emit __P((int, int, void *, struct frentry *));
292ab25eeb5Syz155240 extern u_char secbit __P((int));
293ab25eeb5Syz155240 extern u_char seclevel __P((char *));
294ab25eeb5Syz155240 extern void printfraginfo __P((char *, struct ipfr *));
295ab25eeb5Syz155240 extern void printifname __P((char *, char *, void *));
296ab25eeb5Syz155240 extern char *hostname __P((int, void *));
297ab25eeb5Syz155240 extern struct ipstate *printstate __P((struct ipstate *, int, u_long));
298ab25eeb5Syz155240 extern void printsbuf __P((char *));
299ab25eeb5Syz155240 extern void printnat __P((struct ipnat *, int));
300d6c23f6fSyx160601 extern void printactiveaddress __P((int, char *, i6addr_t *, char *));
301f4b3ec61Sdh155122 extern void printactivenat __P((struct nat *, int, int));
302ab25eeb5Syz155240 extern void printhostmap __P((struct hostmap *, u_int));
303ab25eeb5Syz155240 extern void printpacket __P((struct ip *));
304ab25eeb5Syz155240 
305ab25eeb5Syz155240 extern void set_variable __P((char *, char *));
306ab25eeb5Syz155240 extern char *get_variable __P((char *, char **, int));
307ab25eeb5Syz155240 extern void resetlexer __P((void));
308ab25eeb5Syz155240 
309*fd48ee9dSToomas Soome #ifdef SOLARIS
310ab25eeb5Syz155240 extern int gethostname __P((char *, int ));
311ab25eeb5Syz155240 extern void sync __P((void));
312ab25eeb5Syz155240 #endif
313ab25eeb5Syz155240 
314ab25eeb5Syz155240 #endif /* __IPF_H__ */
315