1d881c474Schristos /* 2d881c474Schristos * Copyright (c) 1982, 1986, 1993 3d881c474Schristos * The Regents of the University of California. All rights reserved. 4d881c474Schristos * 5d881c474Schristos * Redistribution and use in source and binary forms, with or without 6d881c474Schristos * modification, are permitted provided that the following conditions 7d881c474Schristos * are met: 8d881c474Schristos * 1. Redistributions of source code must retain the above copyright 9d881c474Schristos * notice, this list of conditions and the following disclaimer. 10d881c474Schristos * 2. Redistributions in binary form must reproduce the above copyright 11d881c474Schristos * notice, this list of conditions and the following disclaimer in the 12d881c474Schristos * documentation and/or other materials provided with the distribution. 13d881c474Schristos * 3. All advertising materials mentioning features or use of this software 14d881c474Schristos * must display the following acknowledgement: 15d881c474Schristos * This product includes software developed by the University of 16d881c474Schristos * California, Berkeley and its contributors. 17d881c474Schristos * 4. Neither the name of the University nor the names of its contributors 18d881c474Schristos * may be used to endorse or promote products derived from this software 19d881c474Schristos * without specific prior written permission. 20d881c474Schristos * 21d881c474Schristos * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 22d881c474Schristos * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23d881c474Schristos * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24d881c474Schristos * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 25d881c474Schristos * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26d881c474Schristos * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27d881c474Schristos * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28d881c474Schristos * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29d881c474Schristos * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30d881c474Schristos * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31d881c474Schristos * SUCH DAMAGE. 32d881c474Schristos */ 33d881c474Schristos 34d881c474Schristos /* 35d881c474Schristos * pflog headers, at least as they exist now. 36d881c474Schristos */ 37d881c474Schristos #define PFLOG_IFNAMSIZ 16 38d881c474Schristos #define PFLOG_RULESET_NAME_SIZE 16 39d881c474Schristos 40d881c474Schristos /* 41d881c474Schristos * Direction values. 42d881c474Schristos */ 43d881c474Schristos #define PF_INOUT 0 44d881c474Schristos #define PF_IN 1 45d881c474Schristos #define PF_OUT 2 46d881c474Schristos #if defined(__OpenBSD__) 47d881c474Schristos #define PF_FWD 3 48d881c474Schristos #endif 49d881c474Schristos 50d881c474Schristos /* 51d881c474Schristos * Reason values. 52d881c474Schristos */ 53d881c474Schristos #define PFRES_MATCH 0 54d881c474Schristos #define PFRES_BADOFF 1 55d881c474Schristos #define PFRES_FRAG 2 56d881c474Schristos #define PFRES_SHORT 3 57d881c474Schristos #define PFRES_NORM 4 58d881c474Schristos #define PFRES_MEMORY 5 59d881c474Schristos #define PFRES_TS 6 60d881c474Schristos #define PFRES_CONGEST 7 61d881c474Schristos #define PFRES_IPOPTIONS 8 62d881c474Schristos #define PFRES_PROTCKSUM 9 63d881c474Schristos #define PFRES_BADSTATE 10 64d881c474Schristos #define PFRES_STATEINS 11 65d881c474Schristos #define PFRES_MAXSTATES 12 66d881c474Schristos #define PFRES_SRCLIMIT 13 67d881c474Schristos #define PFRES_SYNPROXY 14 68d881c474Schristos #if defined(__FreeBSD__) 69d881c474Schristos #define PFRES_MAPFAILED 15 70d881c474Schristos #elif defined(__NetBSD__) 71d881c474Schristos #define PFRES_STATELOCKED 15 72d881c474Schristos #elif defined(__OpenBSD__) 73d881c474Schristos #define PFRES_TRANSLATE 15 74d881c474Schristos #define PFRES_NOROUTE 16 75d881c474Schristos #elif defined(__APPLE__) 76d881c474Schristos #define PFRES_DUMMYNET 15 77d881c474Schristos #endif 78d881c474Schristos 79d881c474Schristos /* 80d881c474Schristos * Action values. 81d881c474Schristos */ 82d881c474Schristos #define PF_PASS 0 83d881c474Schristos #define PF_DROP 1 84d881c474Schristos #define PF_SCRUB 2 85d881c474Schristos #define PF_NOSCRUB 3 86d881c474Schristos #define PF_NAT 4 87d881c474Schristos #define PF_NONAT 5 88d881c474Schristos #define PF_BINAT 6 89d881c474Schristos #define PF_NOBINAT 7 90d881c474Schristos #define PF_RDR 8 91d881c474Schristos #define PF_NORDR 9 92d881c474Schristos #define PF_SYNPROXY_DROP 10 93d881c474Schristos #if defined(__FreeBSD__) 94d881c474Schristos #define PF_DEFER 11 95d881c474Schristos #elif defined(__OpenBSD__) 96d881c474Schristos #define PF_DEFER 11 97d881c474Schristos #define PF_MATCH 12 98d881c474Schristos #define PF_DIVERT 13 99d881c474Schristos #define PF_RT 14 100d881c474Schristos #define PF_AFRT 15 101d881c474Schristos #elif defined(__APPLE__) 102d881c474Schristos #define PF_DUMMYNET 11 103d881c474Schristos #define PF_NODUMMYNET 12 104d881c474Schristos #define PF_NAT64 13 105d881c474Schristos #define PF_NONAT64 14 106d881c474Schristos #endif 107d881c474Schristos 108d881c474Schristos struct pf_addr { 109d881c474Schristos union { 110d881c474Schristos nd_ipv4 v4; 111d881c474Schristos nd_ipv6 v6; 112d881c474Schristos } pfa; /* 128-bit address */ 113d881c474Schristos #define v4 pfa.v4 114d881c474Schristos #define v6 pfa.v6 115d881c474Schristos }; 116d881c474Schristos 117d881c474Schristos struct pfloghdr { 118*c41df9f6Schristos nd_uint8_t length; 119*c41df9f6Schristos nd_uint8_t af; 120*c41df9f6Schristos nd_uint8_t action; 121*c41df9f6Schristos nd_uint8_t reason; 122d881c474Schristos char ifname[PFLOG_IFNAMSIZ]; 123d881c474Schristos char ruleset[PFLOG_RULESET_NAME_SIZE]; 124*c41df9f6Schristos nd_uint32_t rulenr; 125*c41df9f6Schristos nd_uint32_t subrulenr; 126*c41df9f6Schristos nd_uint32_t uid; 127*c41df9f6Schristos nd_int32_t pid; 128*c41df9f6Schristos nd_uint32_t rule_uid; 129*c41df9f6Schristos nd_int32_t rule_pid; 130*c41df9f6Schristos nd_uint8_t dir; 131*c41df9f6Schristos /* Minimum header length (without padding): 61 */ 132*c41df9f6Schristos #define MIN_PFLOG_HDRLEN 61 133d881c474Schristos #if defined(__OpenBSD__) 134*c41df9f6Schristos nd_uint8_t rewritten; 135*c41df9f6Schristos nd_uint8_t naf; 136*c41df9f6Schristos nd_uint8_t pad[1]; 137d881c474Schristos #else 138*c41df9f6Schristos nd_uint8_t pad[3]; 139d881c474Schristos #endif 140d881c474Schristos #if defined(__FreeBSD__) 141*c41df9f6Schristos nd_uint32_t ridentifier; 142*c41df9f6Schristos nd_uint8_t reserve; 143*c41df9f6Schristos nd_uint8_t pad2[3]; 144d881c474Schristos #elif defined(__OpenBSD__) 145d881c474Schristos struct pf_addr saddr; 146d881c474Schristos struct pf_addr daddr; 147*c41df9f6Schristos nd_uint16_t sport; 148*c41df9f6Schristos nd_uint16_t dport; 149d881c474Schristos #endif 150d881c474Schristos }; 151