1*86d7f5d3SJohn Marino /* lint -save -library Flexelint comment for external headers */ 2*86d7f5d3SJohn Marino 3*86d7f5d3SJohn Marino /*- 4*86d7f5d3SJohn Marino * Copyright (c) 2001 Charles Mott <cm@linktel.net> 5*86d7f5d3SJohn Marino * All rights reserved. 6*86d7f5d3SJohn Marino * 7*86d7f5d3SJohn Marino * Redistribution and use in source and binary forms, with or without 8*86d7f5d3SJohn Marino * modification, are permitted provided that the following conditions 9*86d7f5d3SJohn Marino * are met: 10*86d7f5d3SJohn Marino * 1. Redistributions of source code must retain the above copyright 11*86d7f5d3SJohn Marino * notice, this list of conditions and the following disclaimer. 12*86d7f5d3SJohn Marino * 2. Redistributions in binary form must reproduce the above copyright 13*86d7f5d3SJohn Marino * notice, this list of conditions and the following disclaimer in the 14*86d7f5d3SJohn Marino * documentation and/or other materials provided with the distribution. 15*86d7f5d3SJohn Marino * 16*86d7f5d3SJohn Marino * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 17*86d7f5d3SJohn Marino * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 18*86d7f5d3SJohn Marino * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 19*86d7f5d3SJohn Marino * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 20*86d7f5d3SJohn Marino * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 21*86d7f5d3SJohn Marino * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 22*86d7f5d3SJohn Marino * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 23*86d7f5d3SJohn Marino * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 24*86d7f5d3SJohn Marino * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 25*86d7f5d3SJohn Marino * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 26*86d7f5d3SJohn Marino * SUCH DAMAGE. 27*86d7f5d3SJohn Marino * 28*86d7f5d3SJohn Marino * $FreeBSD: src/lib/libalias/alias.h,v 1.12.2.6 2001/11/23 13:10:15 brian Exp $ 29*86d7f5d3SJohn Marino * $DragonFly: src/lib/libalias/alias.h,v 1.2 2003/06/17 04:26:41 dillon Exp $ 30*86d7f5d3SJohn Marino */ 31*86d7f5d3SJohn Marino 32*86d7f5d3SJohn Marino /*- 33*86d7f5d3SJohn Marino * Alias.h defines the outside world interfaces for the packet aliasing 34*86d7f5d3SJohn Marino * software. 35*86d7f5d3SJohn Marino * 36*86d7f5d3SJohn Marino * This software is placed into the public domain with no restrictions on its 37*86d7f5d3SJohn Marino * distribution. 38*86d7f5d3SJohn Marino */ 39*86d7f5d3SJohn Marino 40*86d7f5d3SJohn Marino #ifndef _ALIAS_H_ 41*86d7f5d3SJohn Marino #define _ALIAS_H_ 42*86d7f5d3SJohn Marino 43*86d7f5d3SJohn Marino /* The external interface to libalias, the packet aliasing engine. */ 44*86d7f5d3SJohn Marino 45*86d7f5d3SJohn Marino /* Initialization and control functions. */ 46*86d7f5d3SJohn Marino void PacketAliasInit(void); 47*86d7f5d3SJohn Marino void PacketAliasSetAddress(struct in_addr _addr); 48*86d7f5d3SJohn Marino void PacketAliasSetFWBase(unsigned int _base, unsigned int _num); 49*86d7f5d3SJohn Marino unsigned int 50*86d7f5d3SJohn Marino PacketAliasSetMode(unsigned int _flags, unsigned int _mask); 51*86d7f5d3SJohn Marino void PacketAliasUninit(void); 52*86d7f5d3SJohn Marino 53*86d7f5d3SJohn Marino /* Packet Handling functions. */ 54*86d7f5d3SJohn Marino int PacketAliasIn(char *_ptr, int _maxpacketsize); 55*86d7f5d3SJohn Marino int PacketAliasOut(char *_ptr, int _maxpacketsize); 56*86d7f5d3SJohn Marino int PacketUnaliasOut(char *_ptr, int _maxpacketsize); 57*86d7f5d3SJohn Marino 58*86d7f5d3SJohn Marino /* Port and address redirection functions. */ 59*86d7f5d3SJohn Marino 60*86d7f5d3SJohn Marino /* 61*86d7f5d3SJohn Marino * An anonymous structure, a pointer to which is returned from 62*86d7f5d3SJohn Marino * PacketAliasRedirectAddr(), PacketAliasRedirectPort() or 63*86d7f5d3SJohn Marino * PacketAliasRedirectProto(), passed to PacketAliasAddServer(), 64*86d7f5d3SJohn Marino * and freed by PacketAliasRedirectDelete(). 65*86d7f5d3SJohn Marino */ 66*86d7f5d3SJohn Marino struct alias_link; 67*86d7f5d3SJohn Marino 68*86d7f5d3SJohn Marino int PacketAliasAddServer(struct alias_link *_link, 69*86d7f5d3SJohn Marino struct in_addr _addr, unsigned short _port); 70*86d7f5d3SJohn Marino struct alias_link * 71*86d7f5d3SJohn Marino PacketAliasRedirectAddr(struct in_addr _src_addr, 72*86d7f5d3SJohn Marino struct in_addr _alias_addr); 73*86d7f5d3SJohn Marino void PacketAliasRedirectDelete(struct alias_link *_link); 74*86d7f5d3SJohn Marino struct alias_link * 75*86d7f5d3SJohn Marino PacketAliasRedirectPort(struct in_addr _src_addr, 76*86d7f5d3SJohn Marino unsigned short _src_port, struct in_addr _dst_addr, 77*86d7f5d3SJohn Marino unsigned short _dst_port, struct in_addr _alias_addr, 78*86d7f5d3SJohn Marino unsigned short _alias_port, unsigned char _proto); 79*86d7f5d3SJohn Marino struct alias_link * 80*86d7f5d3SJohn Marino PacketAliasRedirectProto(struct in_addr _src_addr, 81*86d7f5d3SJohn Marino struct in_addr _dst_addr, struct in_addr _alias_addr, 82*86d7f5d3SJohn Marino unsigned char _proto); 83*86d7f5d3SJohn Marino 84*86d7f5d3SJohn Marino /* Fragment Handling functions. */ 85*86d7f5d3SJohn Marino void PacketAliasFragmentIn(char *_ptr, char *_ptr_fragment); 86*86d7f5d3SJohn Marino char *PacketAliasGetFragment(char *_ptr); 87*86d7f5d3SJohn Marino int PacketAliasSaveFragment(char *_ptr); 88*86d7f5d3SJohn Marino 89*86d7f5d3SJohn Marino /* Miscellaneous functions. */ 90*86d7f5d3SJohn Marino int PacketAliasCheckNewLink(void); 91*86d7f5d3SJohn Marino unsigned short 92*86d7f5d3SJohn Marino PacketAliasInternetChecksum(unsigned short *_ptr, int _nbytes); 93*86d7f5d3SJohn Marino void PacketAliasSetTarget(struct in_addr _target_addr); 94*86d7f5d3SJohn Marino 95*86d7f5d3SJohn Marino /* Transparent proxying routines. */ 96*86d7f5d3SJohn Marino int PacketAliasProxyRule(const char *_cmd); 97*86d7f5d3SJohn Marino 98*86d7f5d3SJohn Marino /* Mode flags, set using PacketAliasSetMode() */ 99*86d7f5d3SJohn Marino 100*86d7f5d3SJohn Marino /* 101*86d7f5d3SJohn Marino * If PKT_ALIAS_LOG is set, a message will be printed to /var/log/alias.log 102*86d7f5d3SJohn Marino * every time a link is created or deleted. This is useful for debugging. 103*86d7f5d3SJohn Marino */ 104*86d7f5d3SJohn Marino #define PKT_ALIAS_LOG 0x01 105*86d7f5d3SJohn Marino 106*86d7f5d3SJohn Marino /* 107*86d7f5d3SJohn Marino * If PKT_ALIAS_DENY_INCOMING is set, then incoming connections (e.g. to ftp, 108*86d7f5d3SJohn Marino * telnet or web servers will be prevented by the aliasing mechanism. 109*86d7f5d3SJohn Marino */ 110*86d7f5d3SJohn Marino #define PKT_ALIAS_DENY_INCOMING 0x02 111*86d7f5d3SJohn Marino 112*86d7f5d3SJohn Marino /* 113*86d7f5d3SJohn Marino * If PKT_ALIAS_SAME_PORTS is set, packets will be attempted sent from the 114*86d7f5d3SJohn Marino * same port as they originated on. This allows e.g. rsh to work *99% of the 115*86d7f5d3SJohn Marino * time*, but _not_ 100% (it will be slightly flakey instead of not working 116*86d7f5d3SJohn Marino * at all). This mode bit is set by PacketAliasInit(), so it is a default 117*86d7f5d3SJohn Marino * mode of operation. 118*86d7f5d3SJohn Marino */ 119*86d7f5d3SJohn Marino #define PKT_ALIAS_SAME_PORTS 0x04 120*86d7f5d3SJohn Marino 121*86d7f5d3SJohn Marino /* 122*86d7f5d3SJohn Marino * If PKT_ALIAS_USE_SOCKETS is set, then when partially specified links (e.g. 123*86d7f5d3SJohn Marino * destination port and/or address is zero), the packet aliasing engine will 124*86d7f5d3SJohn Marino * attempt to allocate a socket for the aliasing port it chooses. This will 125*86d7f5d3SJohn Marino * avoid interference with the host machine. Fully specified links do not 126*86d7f5d3SJohn Marino * require this. This bit is set after a call to PacketAliasInit(), so it is 127*86d7f5d3SJohn Marino * a default mode of operation. 128*86d7f5d3SJohn Marino */ 129*86d7f5d3SJohn Marino #define PKT_ALIAS_USE_SOCKETS 0x08 130*86d7f5d3SJohn Marino 131*86d7f5d3SJohn Marino /*- 132*86d7f5d3SJohn Marino * If PKT_ALIAS_UNREGISTERED_ONLY is set, then only packets with 133*86d7f5d3SJohn Marino * unregistered source addresses will be aliased. Private 134*86d7f5d3SJohn Marino * addresses are those in the following ranges: 135*86d7f5d3SJohn Marino * 136*86d7f5d3SJohn Marino * 10.0.0.0 -> 10.255.255.255 137*86d7f5d3SJohn Marino * 172.16.0.0 -> 172.31.255.255 138*86d7f5d3SJohn Marino * 192.168.0.0 -> 192.168.255.255 139*86d7f5d3SJohn Marino */ 140*86d7f5d3SJohn Marino #define PKT_ALIAS_UNREGISTERED_ONLY 0x10 141*86d7f5d3SJohn Marino 142*86d7f5d3SJohn Marino /* 143*86d7f5d3SJohn Marino * If PKT_ALIAS_RESET_ON_ADDR_CHANGE is set, then the table of dynamic 144*86d7f5d3SJohn Marino * aliasing links will be reset whenever PacketAliasSetAddress() changes the 145*86d7f5d3SJohn Marino * default aliasing address. If the default aliasing address is left 146*86d7f5d3SJohn Marino * unchanged by this function call, then the table of dynamic aliasing links 147*86d7f5d3SJohn Marino * will be left intact. This bit is set after a call to PacketAliasInit(). 148*86d7f5d3SJohn Marino */ 149*86d7f5d3SJohn Marino #define PKT_ALIAS_RESET_ON_ADDR_CHANGE 0x20 150*86d7f5d3SJohn Marino 151*86d7f5d3SJohn Marino #ifndef NO_FW_PUNCH 152*86d7f5d3SJohn Marino /* 153*86d7f5d3SJohn Marino * If PKT_ALIAS_PUNCH_FW is set, active FTP and IRC DCC connections will 154*86d7f5d3SJohn Marino * create a 'hole' in the firewall to allow the transfers to work. The 155*86d7f5d3SJohn Marino * ipfw rule number that the hole is created with is controlled by 156*86d7f5d3SJohn Marino * PacketAliasSetFWBase(). The hole will be attached to that 157*86d7f5d3SJohn Marino * particular alias_link, so when the link goes away the hole is deleted. 158*86d7f5d3SJohn Marino */ 159*86d7f5d3SJohn Marino #define PKT_ALIAS_PUNCH_FW 0x100 160*86d7f5d3SJohn Marino #endif 161*86d7f5d3SJohn Marino 162*86d7f5d3SJohn Marino /* 163*86d7f5d3SJohn Marino * If PKT_ALIAS_PROXY_ONLY is set, then NAT will be disabled and only 164*86d7f5d3SJohn Marino * transparent proxying is performed. 165*86d7f5d3SJohn Marino */ 166*86d7f5d3SJohn Marino #define PKT_ALIAS_PROXY_ONLY 0x40 167*86d7f5d3SJohn Marino 168*86d7f5d3SJohn Marino /* 169*86d7f5d3SJohn Marino * If PKT_ALIAS_REVERSE is set, the actions of PacketAliasIn() and 170*86d7f5d3SJohn Marino * PacketAliasOut() are reversed. 171*86d7f5d3SJohn Marino */ 172*86d7f5d3SJohn Marino #define PKT_ALIAS_REVERSE 0x80 173*86d7f5d3SJohn Marino 174*86d7f5d3SJohn Marino /* Function return codes. */ 175*86d7f5d3SJohn Marino #define PKT_ALIAS_ERROR -1 176*86d7f5d3SJohn Marino #define PKT_ALIAS_OK 1 177*86d7f5d3SJohn Marino #define PKT_ALIAS_IGNORED 2 178*86d7f5d3SJohn Marino #define PKT_ALIAS_UNRESOLVED_FRAGMENT 3 179*86d7f5d3SJohn Marino #define PKT_ALIAS_FOUND_HEADER_FRAGMENT 4 180*86d7f5d3SJohn Marino 181*86d7f5d3SJohn Marino #endif /* !_ALIAS_H_ */ 182*86d7f5d3SJohn Marino 183*86d7f5d3SJohn Marino /* lint -restore */ 184