xref: /dragonfly/sys/net/ipfw3_basic/ip_fw3_state.h (revision 4408d5485757eef6e44859025e931d1c1b6746c4)
1  /*
2  * Copyright (c) 2014 - 2018 The DragonFly Project.  All rights reserved.
3  *
4  * This code is derived from software contributed to The DragonFly Project
5  * by Bill Yuan <bycn82@dragonflybsd.org>
6  *
7  * Redistribution and use in source and binary forms, with or without
8  * modification, are permitted provided that the following conditions
9  * are met:
10  *
11  * 1. Redistributions of source code must retain the above copyright
12  *    notice, this list of conditions and the following disclaimer.
13  * 2. Redistributions in binary form must reproduce the above copyright
14  *    notice, this list of conditions and the following disclaimer in
15  *    the documentation and/or other materials provided with the
16  *    distribution.
17  * 3. Neither the name of The DragonFly Project nor the names of its
18  *    contributors may be used to endorse or promote products derived
19  *    from this software without specific, prior written permission.
20  *
21  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
22  * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
23  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
24  * FOR A PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE
25  * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
26  * INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING,
27  * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
28  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
29  * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
30  * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
31  * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32  * SUCH DAMAGE.
33  */
34 #ifndef _IP_FW3_STATE_H
35 #define _IP_FW3_STATE_H
36 
/*
 * State record in the form shared with userland: the definition sits
 * outside the _KERNEL guard below, so both sides of the interface see it.
 *
 * NOTE(review): presumably carried through the ip_fw3_ctl_state_*()
 * sockopt handlers declared later in this header. If so, every member is
 * caller-controlled on the way in and needs validation before use --
 * confirm against the .c file.
 */
struct ipfw3_ioc_state {
          struct in_addr                src_addr;
          struct in_addr                dst_addr;
          /* NOTE(review): byte order of the ports is not stated here -- confirm */
          u_short                       src_port;
          u_short                       dst_port;
          int                           rule_id;
          /*
           * NOTE(review): signed int. If this selects a per-CPU context,
           * negative and out-of-range values must be rejected first --
           * confirm.
           */
          int                           cpu_id;
          /*
           * NOTE(review): proto and direction are plain ints; presumably
           * they choose one of the rb_{tcp,udp,icmp}_{in,out} trees, so
           * unknown values need an explicit reject path -- confirm.
           */
          int                           proto;
          int                           direction;
          /*
           * The members above total 28 bytes. Where time_t is 8-byte
           * aligned, 4 bytes of padding precede this member.
           * NOTE(review): a kernel-side copy-out should zero the whole
           * struct first so the padding cannot carry stale kernel memory
           * to userland -- confirm.
           */
          time_t                        life;
};
48 
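/*
 * Size in bytes of the userland-visible state record.
 *
 * Defined without a trailing semicolon, like LEN_FW3_STATE and
 * LEN_STATE_CTX, so the macro can be used inside an expression such as a
 * length comparison against a sockopt buffer size. With the semicolon the
 * macro only compiled when it was the last token of a statement, which
 * made such a bounds check impossible to write with it.
 */
#define LEN_IOC_FW3_STATE sizeof(struct ipfw3_ioc_state)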
50 
51 
52 #ifdef _KERNEL
53 
54 
55 
/*
 * Kernel-side state entry. `entries` links it into a fw3_state_tree
 * red-black tree (see the RB_PROTOTYPE below, which names this member).
 *
 * The entry has no protocol or direction member.
 * NOTE(review): those are presumably implied by which tree in
 * struct ipfw3_state_context holds the entry -- confirm.
 */
struct ipfw3_state {
          RB_ENTRY(ipfw3_state)         entries;
          /* NOTE(review): byte order of addresses/ports not stated here -- confirm */
          uint32_t            src_addr;
          uint32_t            dst_addr;
          uint16_t            src_port;
          uint16_t            dst_port;
          /*
           * Raw pointer to a rule.
           * NOTE(review): presumably the rule that owns this state. No
           * reference counting is visible in this header, so states must
           * be dropped before the rule is freed or this pointer dangles;
           * ip_fw3_state_flush(struct ip_fw *rule) looks like the hook
           * for that -- confirm.
           */
          struct ip_fw                  *stub;
          /* NOTE(review): presumably used to expire idle states -- confirm */
          time_t                        timestamp;
};
/* Size in bytes of one kernel-side state entry. */
#define LEN_FW3_STATE sizeof(struct ipfw3_state)
66 
/*
 * Ordering function handed to RB_PROTOTYPE below, i.e. the comparator for
 * every fw3_state_tree.
 *
 * NOTE(review): lookup correctness depends on this comparing all of
 * src_addr, dst_addr, src_port and dst_port; if it compares fewer fields,
 * distinct flows would match each other's state -- confirm in the .c file.
 */
int       ip_fw3_state_cmp(struct ipfw3_state *s1, struct ipfw3_state *s2);

/* Red-black tree of struct ipfw3_state, linked through `entries`. */
RB_HEAD(fw3_state_tree, ipfw3_state);
RB_PROTOTYPE(fw3_state_tree, ipfw3_state, entries, ip_fw3_state_cmp);
71 
/*
 * Container for the state entries: one tree and one int counter per
 * protocol (tcp, udp, icmp) and direction (in, out).
 *
 * NOTE(review): the cpu_id member of struct ipfw3_ioc_state suggests one
 * context per CPU -- confirm.
 * NOTE(review): no upper bound on the number of states is visible in this
 * header. Confirm the implementation caps the count_* values, otherwise a
 * flood of new flows can grow the trees until kernel memory is exhausted.
 */
struct ipfw3_state_context {
          struct fw3_state_tree         rb_tcp_in;
          struct fw3_state_tree         rb_tcp_out;
          struct fw3_state_tree         rb_udp_in;
          struct fw3_state_tree         rb_udp_out;
          struct fw3_state_tree         rb_icmp_in;
          struct fw3_state_tree         rb_icmp_out;

          /* NOTE(review): presumably the number of entries in the matching tree -- confirm */
          int                 count_tcp_in;
          int                 count_tcp_out;
          int                 count_udp_in;
          int                 count_udp_out;
          int                 count_icmp_in;
          int                 count_icmp_out;
};
/* Size in bytes of one state context. */
#define LEN_STATE_CTX sizeof(struct ipfw3_state_context)
89 
/*
 * Packet-path entry points.
 * NOTE(review): presumably the handlers for the check-state and
 * keep-state rule instructions; ip_len's relation to the actual packet
 * buffer is not visible here -- confirm.
 */
void      check_check_state(int *cmd_ctl, int *cmd_val, struct ip_fw_args **args,
                    struct ip_fw **f, ipfw_insn *cmd, uint16_t ip_len);
void      check_keep_state(int *cmd_ctl, int *cmd_val, struct ip_fw_args **args,
                    struct ip_fw **f, ipfw_insn *cmd, uint16_t ip_len);

/*
 * Flush states for a rule.
 * NOTE(review): presumably must run before the rule is freed, because
 * struct ipfw3_state keeps a raw pointer to it in `stub` -- confirm.
 */
void      ip_fw3_state_flush_dispatch(netmsg_t nmsg);
void      ip_fw3_state_flush(struct ip_fw *rule);

/*
 * State maintenance. The *_dispatch functions take a netmsg_t.
 * NOTE(review): presumably each runs as a message handler on the thread
 * that owns the target context, which would be what serialises access to
 * the trees -- confirm.
 */
void      ip_fw3_state_cleanup_dispatch(netmsg_t nmsg);
void      ip_fw3_state_cleanup(void *dummy __unused);
void      ip_fw3_state_append_dispatch(netmsg_t nmsg);
void      ip_fw3_state_delete_dispatch(netmsg_t nmsg);
/*
 * Control path: these take a struct sockopt, i.e. a request coming from
 * userland.
 * NOTE(review): each handler should verify that sopt->sopt_valsize matches
 * the expected record size (LEN_IOC_FW3_STATE) before copying in or out,
 * and should validate cpu_id, proto and direction from the copied-in
 * record before using them -- confirm in the .c file.
 */
int       ip_fw3_ctl_state_add(struct sockopt *sopt);
int       ip_fw3_ctl_state_delete(struct sockopt *sopt);
int       ip_fw3_ctl_state_flush(struct sockopt *sopt);
int       ip_fw3_ctl_state_get(struct sockopt *sopt);
int       ip_fw3_ctl_state_sockopt(struct sockopt *sopt);
/* Module setup and teardown of the state subsystem. */
void      ip_fw3_state_init_dispatch(netmsg_t msg);
void      ip_fw3_state_fini_dispatch(netmsg_t msg);
void      ip_fw3_state_fini(void);
void      ip_fw3_state_init(void);
void      ip_fw3_state_modevent(int type);
112 #endif    /* _KERNEL */
113 #endif
114