1 /* $Id: ssp_ebtables.h,v 1.2 2008/04/26 19:53:21 fknobbe Exp $ 2 * 3 * 4 * Copyright (c) 2003-2008 Fabrizio Tivano <fabrizio@sad.it>, 5 * Bruno Scatolin <ipsystems@uol.com.br> 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 * 29 * 30 * ssp_ebtables.h 31 * 32 * Purpose: 33 * 34 * This SnortSam plugin is for a ebtables firewall, 35 * SnortSam will expire the blocks itself. 36 * 37 * The plugin for ebtables, created by Bruno, is based on the iptable plugin 38 * created by Fabrizio. 39 * 40 * 41 */ 42 43 44 #ifdef Linux 45 46 #ifndef __SSP_EBT_H__ 47 #define __SSP_EBT_H__ 48 49 #define EBTLOGLEVEL "syslog.info" 50 51 typedef struct _ebtdata /* List of EBTABLES firewalls */ 52 { char iface[10]; 53 char loglv[20]; 54 } EBTDATA; 55 56 57 void EBTParse(char *,char *,unsigned long,DATALIST *); 58 void EBTBlock(BLOCKINFO *,void *,unsigned long); 59 60 #endif /* __SSP_EBT_H__ */ 61 #endif /* Linux */ 62 63