1*11b3aaa1Schristos 2*11b3aaa1Schristos /* 3*11b3aaa1Schristos * Copyright (c) 2001 Daniel Hartmeier 4*11b3aaa1Schristos * All rights reserved. 5*11b3aaa1Schristos * 6*11b3aaa1Schristos * Redistribution and use in source and binary forms, with or without 7*11b3aaa1Schristos * modification, are permitted provided that the following conditions 8*11b3aaa1Schristos * are met: 9*11b3aaa1Schristos * 10*11b3aaa1Schristos * - Redistributions of source code must retain the above copyright 11*11b3aaa1Schristos * notice, this list of conditions and the following disclaimer. 12*11b3aaa1Schristos * - Redistributions in binary form must reproduce the above 13*11b3aaa1Schristos * copyright notice, this list of conditions and the following 14*11b3aaa1Schristos * disclaimer in the documentation and/or other materials provided 15*11b3aaa1Schristos * with the distribution. 16*11b3aaa1Schristos * 17*11b3aaa1Schristos * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 18*11b3aaa1Schristos * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 19*11b3aaa1Schristos * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 20*11b3aaa1Schristos * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 21*11b3aaa1Schristos * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 22*11b3aaa1Schristos * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 23*11b3aaa1Schristos * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 24*11b3aaa1Schristos * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER 25*11b3aaa1Schristos * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 26*11b3aaa1Schristos * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN 27*11b3aaa1Schristos * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 28*11b3aaa1Schristos * POSSIBILITY OF SUCH DAMAGE. 29*11b3aaa1Schristos * 30*11b3aaa1Schristos * @(#) Header: /tcpdump/master/tcpdump/pf.h,v 1.2 2004/04/02 06:36:25 guy Exp (LBL) 31*11b3aaa1Schristos */ 32*11b3aaa1Schristos 33*11b3aaa1Schristos /* from $OpenBSD: pfvar.h,v 1.170 2003/08/22 21:50:34 david Exp $ */ 34*11b3aaa1Schristos 35*11b3aaa1Schristos enum { PF_INOUT=0, PF_IN=1, PF_OUT=2 }; 36*11b3aaa1Schristos enum { PF_PASS=0, PF_DROP=1, PF_SCRUB=2, PF_NAT=3, PF_NONAT=4, 37*11b3aaa1Schristos PF_BINAT=5, PF_NOBINAT=6, PF_RDR=7, PF_NORDR=8, PF_SYNPROXY_DROP=9 }; 38*11b3aaa1Schristos 39*11b3aaa1Schristos /* Reasons code for passing/dropping a packet */ 40*11b3aaa1Schristos #define PFRES_MATCH 0 /* Explicit match of a rule */ 41*11b3aaa1Schristos #define PFRES_BADOFF 1 /* Bad offset for pull_hdr */ 42*11b3aaa1Schristos #define PFRES_FRAG 2 /* Dropping following fragment */ 43*11b3aaa1Schristos #define PFRES_SHORT 3 /* Dropping short packet */ 44*11b3aaa1Schristos #define PFRES_NORM 4 /* Dropping by normalizer */ 45*11b3aaa1Schristos #define PFRES_MEMORY 5 /* Dropped due to lacking mem */ 46*11b3aaa1Schristos #define PFRES_MAX 6 /* total+1 */ 47*11b3aaa1Schristos 48*11b3aaa1Schristos #define PFRES_NAMES { \ 49*11b3aaa1Schristos "match", \ 50*11b3aaa1Schristos "bad-offset", \ 51*11b3aaa1Schristos "fragment", \ 52*11b3aaa1Schristos "short", \ 53*11b3aaa1Schristos "normalize", \ 54*11b3aaa1Schristos "memory", \ 55*11b3aaa1Schristos NULL \ 56*11b3aaa1Schristos } 57*11b3aaa1Schristos 58*11b3aaa1Schristos #define PF_RULESET_NAME_SIZE 16 59*11b3aaa1Schristos 60*11b3aaa1Schristos /* from $OpenBSD: if_pflog.h,v 1.9 2003/07/15 20:27:27 dhartmei Exp $ */ 61*11b3aaa1Schristos 62*11b3aaa1Schristos #ifndef IFNAMSIZ 63*11b3aaa1Schristos #define IFNAMSIZ 16 64*11b3aaa1Schristos #endif 65*11b3aaa1Schristos 66*11b3aaa1Schristos struct pfloghdr { 67*11b3aaa1Schristos u_int8_t length; 68*11b3aaa1Schristos u_int8_t af; 69*11b3aaa1Schristos u_int8_t action; 70*11b3aaa1Schristos u_int8_t reason; 71*11b3aaa1Schristos char ifname[IFNAMSIZ]; 72*11b3aaa1Schristos char ruleset[PF_RULESET_NAME_SIZE]; 73*11b3aaa1Schristos u_int32_t rulenr; 74*11b3aaa1Schristos u_int32_t subrulenr; 75*11b3aaa1Schristos u_int8_t dir; 76*11b3aaa1Schristos u_int8_t pad[3]; 77*11b3aaa1Schristos }; 78*11b3aaa1Schristos #define PFLOG_HDRLEN sizeof(struct pfloghdr) 79