xref: /onnv-gate/usr/src/uts/common/sys/pfmod.h (revision 2760:38f12e308f6d) 
10Sstevel@tonic-gate /*
20Sstevel@tonic-gate  * CDDL HEADER START
30Sstevel@tonic-gate  *
40Sstevel@tonic-gate  * The contents of this file are subject to the terms of the
5*2760Sdg199075  * Common Development and Distribution License (the "License").
6*2760Sdg199075  * You may not use this file except in compliance with the License.
70Sstevel@tonic-gate  *
80Sstevel@tonic-gate  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
90Sstevel@tonic-gate  * or http://www.opensolaris.org/os/licensing.
100Sstevel@tonic-gate  * See the License for the specific language governing permissions
110Sstevel@tonic-gate  * and limitations under the License.
120Sstevel@tonic-gate  *
130Sstevel@tonic-gate  * When distributing Covered Code, include this CDDL HEADER in each
140Sstevel@tonic-gate  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
150Sstevel@tonic-gate  * If applicable, add the following below this CDDL HEADER, with the
160Sstevel@tonic-gate  * fields enclosed by brackets "[]" replaced with your own identifying
170Sstevel@tonic-gate  * information: Portions Copyright [yyyy] [name of copyright owner]
180Sstevel@tonic-gate  *
190Sstevel@tonic-gate  * CDDL HEADER END
200Sstevel@tonic-gate  */
210Sstevel@tonic-gate /*
22*2760Sdg199075  * Copyright 2006 Sun Microsystems, Inc.  All rights reserved.
23*2760Sdg199075  * Use is subject to license terms.
240Sstevel@tonic-gate  */
250Sstevel@tonic-gate 
260Sstevel@tonic-gate #ifndef	_SYS_PFMOD_H
270Sstevel@tonic-gate #define	_SYS_PFMOD_H
280Sstevel@tonic-gate 
290Sstevel@tonic-gate #pragma ident	"%Z%%M%	%I%	%E% SMI"
300Sstevel@tonic-gate 
310Sstevel@tonic-gate #ifdef	__cplusplus
320Sstevel@tonic-gate extern "C" {
330Sstevel@tonic-gate #endif
340Sstevel@tonic-gate 
350Sstevel@tonic-gate /*
360Sstevel@tonic-gate  * Ioctls.
370Sstevel@tonic-gate  */
380Sstevel@tonic-gate #define	PFIOC		('P' << 8)
390Sstevel@tonic-gate #define	PFIOCSETF	(PFIOC|1)	/* replace current packet filter */
400Sstevel@tonic-gate 
410Sstevel@tonic-gate #define	ENMAXFILTERS	255		/* maximum filter short words */
420Sstevel@tonic-gate #define	PF_MAXFILTERS	2047		/* max short words for newpacketfilt */
430Sstevel@tonic-gate 
440Sstevel@tonic-gate /*
45*2760Sdg199075  * filter structure for SETF
460Sstevel@tonic-gate  */
470Sstevel@tonic-gate struct packetfilt {
480Sstevel@tonic-gate 	uchar_t	Pf_Priority;			/* priority of filter */
490Sstevel@tonic-gate 	uchar_t Pf_FilterLen;			/* length of filter cmd list */
500Sstevel@tonic-gate 	ushort_t Pf_Filter[ENMAXFILTERS];	/* filter command list */
510Sstevel@tonic-gate };
520Sstevel@tonic-gate 
530Sstevel@tonic-gate /*
540Sstevel@tonic-gate  * The extended packet filter structure
550Sstevel@tonic-gate  */
560Sstevel@tonic-gate struct Pf_ext_packetfilt {
570Sstevel@tonic-gate 	uchar_t	Pf_Priority;			/* priority of filter */
580Sstevel@tonic-gate 	unsigned int Pf_FilterLen;		/* length of filter cmd list */
590Sstevel@tonic-gate 	ushort_t Pf_Filter[PF_MAXFILTERS];	/* filter command list */
600Sstevel@tonic-gate };
610Sstevel@tonic-gate 
620Sstevel@tonic-gate /*
63*2760Sdg199075  * We now allow specification of up to MAXFILTERS (short) words of a filter
64*2760Sdg199075  * command list to be applied to incoming packets to determine if
65*2760Sdg199075  * those packets should be given to a particular open ethernet file.
66*2760Sdg199075  * Alternatively, PF_MAXFILTERS and Pf_ext_packetfilt structure can be
67*2760Sdg199075  * used in case even bigger filter command list is needed.
680Sstevel@tonic-gate  *
69*2760Sdg199075  * In this context, "word" means a short (16-bit) integer.
700Sstevel@tonic-gate  *
71*2760Sdg199075  * The filter command list is specified using ioctl().  Each filter command
72*2760Sdg199075  * list specifies a sequence of actions that leaves a boolean value on the
73*2760Sdg199075  * top of an internal stack.  There is also an offset register which is
74*2760Sdg199075  * initialized to zero.  Each word of the command list specifies an action
75*2760Sdg199075  * from the set {PUSHLIT, PUSHZERO, PUSHWORD+N, LOAD_OFFSET, BRTR, BRFL, POP}
76*2760Sdg199075  * (see #defines below for definitions), and a binary operator from the set
77*2760Sdg199075  * {EQ, LT, LE, GT, GE, AND, OR, XOR} which operates on the top two elements
78*2760Sdg199075  * of the stack and replaces them with its result.  The special action NOPUSH
79*2760Sdg199075  * and the special operator NOP can be used to only perform the binary
80*2760Sdg199075  * operation or to only push a value on the stack.
810Sstevel@tonic-gate  *
82*2760Sdg199075  * If the final value of the filter operation is true, then the packet is
83*2760Sdg199075  * accepted for the open file which specified the filter.
840Sstevel@tonic-gate  */
850Sstevel@tonic-gate 
86*2760Sdg199075 /* these must sum to sizeof (ushort_t)! */
870Sstevel@tonic-gate #define	ENF_NBPA	10			/* # bits / action */
880Sstevel@tonic-gate #define	ENF_NBPO	 6			/* # bits / operator */
890Sstevel@tonic-gate 
90*2760Sdg199075 /* binary operators */
910Sstevel@tonic-gate #define	ENF_NOP		(0 << ENF_NBPA)
920Sstevel@tonic-gate #define	ENF_EQ		(1 << ENF_NBPA)
930Sstevel@tonic-gate #define	ENF_LT		(2 << ENF_NBPA)
940Sstevel@tonic-gate #define	ENF_LE		(3 << ENF_NBPA)
950Sstevel@tonic-gate #define	ENF_GT		(4 << ENF_NBPA)
960Sstevel@tonic-gate #define	ENF_GE		(5 << ENF_NBPA)
970Sstevel@tonic-gate #define	ENF_AND		(6 << ENF_NBPA)
980Sstevel@tonic-gate #define	ENF_OR		(7 << ENF_NBPA)
990Sstevel@tonic-gate #define	ENF_XOR		(8 << ENF_NBPA)
1000Sstevel@tonic-gate #define	ENF_COR		(9 << ENF_NBPA)
1010Sstevel@tonic-gate #define	ENF_CAND	(10 << ENF_NBPA)
1020Sstevel@tonic-gate #define	ENF_CNOR	(11 << ENF_NBPA)
1030Sstevel@tonic-gate #define	ENF_CNAND	(12 << ENF_NBPA)
1040Sstevel@tonic-gate #define	ENF_NEQ		(13 << ENF_NBPA)
1050Sstevel@tonic-gate 
106*2760Sdg199075 /* stack actions */
1070Sstevel@tonic-gate #define	ENF_NOPUSH	0
108*2760Sdg199075 #define	ENF_PUSHLIT	1  /* Push the next word on the stack */
109*2760Sdg199075 #define	ENF_PUSHZERO	2  /* Push 0 on the stack */
110*2760Sdg199075 #define	ENF_PUSHONE	3  /* Push 1 on the stack */
111*2760Sdg199075 #define	ENF_PUSHFFFF	4  /* Push 0xffff on the stack */
112*2760Sdg199075 #define	ENF_PUSHFF00	5  /* Push 0xff00 on the stack */
113*2760Sdg199075 #define	ENF_PUSH00FF	6  /* Push 0x00ff on the stack */
114*2760Sdg199075 #define	ENF_LOAD_OFFSET	7  /* Load the next word into the offset register */
115*2760Sdg199075 #define	ENF_BRTR	8  /* Branch if the stack's top element is true */
116*2760Sdg199075 #define	ENF_BRFL	9  /* Branch if the stack's top element is false */
117*2760Sdg199075 #define	ENF_POP		10 /* Pop the top element from the stack */
1180Sstevel@tonic-gate #define	ENF_PUSHWORD	16
1190Sstevel@tonic-gate 
1200Sstevel@tonic-gate #ifdef	__cplusplus
1210Sstevel@tonic-gate }
1220Sstevel@tonic-gate #endif
1230Sstevel@tonic-gate 
1240Sstevel@tonic-gate #endif	/* _SYS_PFMOD_H */
125