1 /* 2 * Copyright (c) 2014 - 2018 The DragonFly Project. All rights reserved. 3 * 4 * This code is derived from software contributed to The DragonFly Project 5 * by Bill Yuan <bycn82@dragonflybsd.org> 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in 15 * the documentation and/or other materials provided with the 16 * distribution. 17 * 3. Neither the name of The DragonFly Project nor the names of its 18 * contributors may be used to endorse or promote products derived 19 * from this software without specific, prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 22 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 23 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 24 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 25 * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 26 * INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING, 27 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 28 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 29 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 30 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT 31 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 32 * SUCH DAMAGE. 33 */ 34 35 36 #ifndef _IPFW3_H_ 37 #define _IPFW3_H_ 38 39 /* 40 * This macro returns the size of a struct sockaddr when passed 41 * through a routing socket. Basically we round up sa_len to 42 * a multiple of sizeof(long), with a minimum of sizeof(long). 43 * The check for a NULL pointer is just a convenience, probably never used. 44 * The case sa_len == 0 should only apply to empty structures. 45 */ 46 #define SA_SIZE(sa) \ 47 ( (!(sa) || ((struct sockaddr *)(sa))->sa_len == 0) ? \ 48 sizeof(long) : \ 49 1 + ( (((struct sockaddr *)(sa))->sa_len - 1) | (sizeof(long) - 1) ) ) 50 51 /* 52 * Definition of a port range, and macros to deal with values. 53 * FORMAT: HI 16-bits == first port in range, 0 == all ports. 54 * LO 16-bits == number of ports in range 55 * NOTES: - Port values are not stored in network byte order. 56 */ 57 58 59 #define GETLOPORT(x) ((x) >> 0x10) 60 #define GETNUMPORTS(x) ((x) & 0x0000ffff) 61 #define GETHIPORT(x) (GETLOPORT((x)) + GETNUMPORTS((x))) 62 63 /* Set y to be the low-port value in port_range variable x. */ 64 #define SETLOPORT(x, y) ((x) = ((x) & 0x0000ffff) | ((y) << 0x10)) 65 66 /* Set y to be the number of ports in port_range variable x. */ 67 #define SETNUMPORTS(x, y) ((x) = ((x) & 0xffff0000) | (y)) 68 69 #define INC_ARGCV() do { \ 70 (*_av)++; \ 71 (*_ac)--; \ 72 av = *_av; \ 73 ac = *_ac; \ 74 } while (0) 75 76 77 enum tokens { 78 TOK_NULL=0, 79 80 TOK_IP, 81 TOK_IF, 82 TOK_ALOG, 83 TOK_DENY_INC, 84 TOK_SAME_PORTS, 85 TOK_UNREG_ONLY, 86 TOK_RESET_ADDR, 87 TOK_ALIAS_REV, 88 TOK_PROXY_ONLY, 89 TOK_REDIR_ADDR, 90 TOK_REDIR_PORT, 91 TOK_REDIR_PROTO, 92 93 TOK_PIPE, 94 TOK_QUEUE, 95 TOK_PLR, 96 TOK_NOERROR, 97 TOK_BUCKETS, 98 TOK_DSTIP, 99 TOK_SRCIP, 100 TOK_DSTPORT, 101 TOK_SRCPORT, 102 TOK_ALL, 103 TOK_MASK, 104 TOK_BW, 105 TOK_DELAY, 106 TOK_RED, 107 TOK_GRED, 108 TOK_DROPTAIL, 109 TOK_PROTO, 110 TOK_WEIGHT, 111 }; 112 113 struct char_int_map { 114 char *key; 115 int val; 116 }; 117 118 typedef void (*parser_func)(ipfw_insn **,int *, char ***); 119 typedef void (*shower_func)(ipfw_insn *, int); 120 typedef void (*register_func)(int, int, parser_func, shower_func); 121 typedef void (*register_keyword)(int, int, char *, int); 122 typedef void (*init_module)(register_func, register_keyword); 123 124 #define MAX_KEYWORD_LEN 20 125 #define KEYWORD_SIZE 256 126 #define MAPPING_SIZE 256 127 128 struct ipfw3_keyword { 129 int type; 130 char word[MAX_KEYWORD_LEN]; 131 int module; 132 int opcode; 133 }; 134 #define LEN_FW3_KEYWORD sizeof(struct ipfw3_keyword) 135 136 struct ipfw3_mapping { 137 int type; 138 int module; 139 int opcode; 140 parser_func parser; 141 shower_func shower; 142 }; 143 #define LEN_FW3_MAPPING sizeof(struct ipfw3_mapping) 144 145 ipfw_insn* next_cmd(ipfw_insn *cmd); 146 void register_ipfw_keyword(int module, int opcode, char *word, int type); 147 void register_ipfw_func(int, int, parser_func, shower_func); 148 int do_get_x(int optname, void *rule, int *optlen); 149 int do_set_x(int optname, void *rule, int optlen); 150 151 int match_token(struct char_int_map *table, char *string); 152 void module_get(char *modules_str, int len); 153 void module_list(int ac, char **av); 154 void module_load(void); 155 void register_ipfw_keyword(int module, int opcode, char *word, int type); 156 void register_ipfw_func(int module, int opcode, 157 parser_func parser, shower_func shower); 158 void prev_show_chk(ipfw_insn *cmd, uint8_t *prev_module, 159 uint8_t *prev_opcode, int *show_or); 160 int show_filter(ipfw_insn *cmd, char *word, int type); 161 void help(void); 162 void rule_delete(int ac, char **av); 163 void rule_list(int ac, char **av); 164 void rule_add(int ac, char **av, uint8_t insert); 165 void rule_zero(int ac, char **av); 166 void rule_flush(void); 167 void rule_show(struct ipfw_ioc_rule *rule, int pcwidth, int bcwidth); 168 int do_set_x(int optname, void *rule, int optlen); 169 int do_get_x(int optname, void *rule, int *optlen); 170 int ipfw3_main(int ac, char **av); 171 void ipfw3_readfile(int ac, char **av); 172 #endif 173