xref: /freebsd/usr.sbin/ppp/filter.h (revision 1d1fc017) 
1 /*
2  *	    Written by Toshiharu OHNO (tony-o@iij.ad.jp)
3  *
4  *   Copyright (C) 1993, Internet Initiative Japan, Inc. All rights reserverd.
5  *
6  * Redistribution and use in source and binary forms are permitted
7  * provided that the above copyright notice and this paragraph are
8  * duplicated in all such forms and that any documentation,
9  * advertising materials, and other materials related to such
10  * distribution and use acknowledge that the software was developed
11  * by the Internet Initiative Japan.  The name of the
12  * IIJ may not be used to endorse or promote products derived
13  * from this software without specific prior written permission.
14  * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
15  * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
16  * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
17  *
18  * $Id: filter.h,v 1.14 1999/01/28 01:56:31 brian Exp $
19  *
20  *	TODO:
21  */
22 
23 /* Actions */
24 #define	A_NONE		0
25 #define	A_PERMIT	1
26 #define	A_DENY		2
27 #define	A_MASK		3
28 #define	A_UHOST		4
29 #define	A_UPORT		8
30 
31 /* Known protocols */
32 #define	P_NONE	0
33 #define	P_TCP	1
34 #define	P_UDP	2
35 #define	P_ICMP	3
36 
37 /* Operations */
38 #define	OP_NONE	0
39 #define	OP_EQ	1
40 #define	OP_GT	2
41 #define	OP_LT	4
42 
43 /* srctype or dsttype */
44 #define T_ADDR		0
45 #define T_MYADDR	1
46 #define T_HISADDR	2
47 
48 struct filterent {
49   int action;			/* Filtering action */
50   unsigned srctype : 2;		/* T_ value of src */
51   struct in_range src;		/* Source address */
52   unsigned dsttype : 2;		/* T_ value of dst */
53   struct in_range dst;		/* Destination address */
54   int proto;			/* Protocol */
55   struct {
56     short srcop;
57     u_short srcport;
58     short dstop;
59     u_short dstport;
60     unsigned estab : 1;
61     unsigned syn : 1;
62     unsigned finrst : 1;
63   } opt;
64 };
65 
66 #define	MAXFILTERS		40	/* in each filter set */
67 
68 struct filter {
69   struct filterent rule[MAXFILTERS];	/* incoming packet filter */
70   const char *name;
71   unsigned fragok : 1;
72   unsigned logok : 1;
73 };
74 
75 #define FL_IN		0
76 #define FL_OUT		1
77 #define FL_DIAL		2
78 #define FL_KEEP		3
79 
80 struct ipcp;
81 struct cmdargs;
82 
83 extern int ParseAddr(struct ipcp *, const char *, struct in_addr *,
84                      struct in_addr *, int *);
85 extern int filter_Show(struct cmdargs const *);
86 extern int filter_Set(struct cmdargs const *);
87 extern const char * filter_Action2Nam(int);
88 extern const char *filter_Proto2Nam(int);
89 extern const char *filter_Op2Nam(int);
90 extern struct in_addr bits2mask(int);
91 extern void filter_AdjustAddr(struct filter *, struct in_addr *,
92                               struct in_addr *);
93