1*b636d99dSDavid van Moolenbroek 2*b636d99dSDavid van Moolenbroek /* 3*b636d99dSDavid van Moolenbroek * Copyright (c) 2001 Daniel Hartmeier 4*b636d99dSDavid van Moolenbroek * All rights reserved. 5*b636d99dSDavid van Moolenbroek * 6*b636d99dSDavid van Moolenbroek * Redistribution and use in source and binary forms, with or without 7*b636d99dSDavid van Moolenbroek * modification, are permitted provided that the following conditions 8*b636d99dSDavid van Moolenbroek * are met: 9*b636d99dSDavid van Moolenbroek * 10*b636d99dSDavid van Moolenbroek * - Redistributions of source code must retain the above copyright 11*b636d99dSDavid van Moolenbroek * notice, this list of conditions and the following disclaimer. 12*b636d99dSDavid van Moolenbroek * - Redistributions in binary form must reproduce the above 13*b636d99dSDavid van Moolenbroek * copyright notice, this list of conditions and the following 14*b636d99dSDavid van Moolenbroek * disclaimer in the documentation and/or other materials provided 15*b636d99dSDavid van Moolenbroek * with the distribution. 16*b636d99dSDavid van Moolenbroek * 17*b636d99dSDavid van Moolenbroek * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 18*b636d99dSDavid van Moolenbroek * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 19*b636d99dSDavid van Moolenbroek * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 20*b636d99dSDavid van Moolenbroek * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 21*b636d99dSDavid van Moolenbroek * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 22*b636d99dSDavid van Moolenbroek * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 23*b636d99dSDavid van Moolenbroek * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 24*b636d99dSDavid van Moolenbroek * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER 25*b636d99dSDavid van Moolenbroek * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 26*b636d99dSDavid van Moolenbroek * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN 27*b636d99dSDavid van Moolenbroek * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 28*b636d99dSDavid van Moolenbroek * POSSIBILITY OF SUCH DAMAGE. 29*b636d99dSDavid van Moolenbroek * 30*b636d99dSDavid van Moolenbroek * @(#) Header: /tcpdump/master/tcpdump/pf.h,v 1.2 2004/04/02 06:36:25 guy Exp (LBL) 31*b636d99dSDavid van Moolenbroek */ 32*b636d99dSDavid van Moolenbroek 33*b636d99dSDavid van Moolenbroek /* from $OpenBSD: pfvar.h,v 1.170 2003/08/22 21:50:34 david Exp $ */ 34*b636d99dSDavid van Moolenbroek 35*b636d99dSDavid van Moolenbroek enum { PF_INOUT=0, PF_IN=1, PF_OUT=2 }; 36*b636d99dSDavid van Moolenbroek enum { PF_PASS=0, PF_DROP=1, PF_SCRUB=2, PF_NAT=3, PF_NONAT=4, 37*b636d99dSDavid van Moolenbroek PF_BINAT=5, PF_NOBINAT=6, PF_RDR=7, PF_NORDR=8, PF_SYNPROXY_DROP=9 }; 38*b636d99dSDavid van Moolenbroek 39*b636d99dSDavid van Moolenbroek /* Reasons code for passing/dropping a packet */ 40*b636d99dSDavid van Moolenbroek #define PFRES_MATCH 0 /* Explicit match of a rule */ 41*b636d99dSDavid van Moolenbroek #define PFRES_BADOFF 1 /* Bad offset for pull_hdr */ 42*b636d99dSDavid van Moolenbroek #define PFRES_FRAG 2 /* Dropping following fragment */ 43*b636d99dSDavid van Moolenbroek #define PFRES_SHORT 3 /* Dropping short packet */ 44*b636d99dSDavid van Moolenbroek #define PFRES_NORM 4 /* Dropping by normalizer */ 45*b636d99dSDavid van Moolenbroek #define PFRES_MEMORY 5 /* Dropped due to lacking mem */ 46*b636d99dSDavid van Moolenbroek #define PFRES_MAX 6 /* total+1 */ 47*b636d99dSDavid van Moolenbroek 48*b636d99dSDavid van Moolenbroek #define PFRES_NAMES { \ 49*b636d99dSDavid van Moolenbroek "match", \ 50*b636d99dSDavid van Moolenbroek "bad-offset", \ 51*b636d99dSDavid van Moolenbroek "fragment", \ 52*b636d99dSDavid van Moolenbroek "short", \ 53*b636d99dSDavid van Moolenbroek "normalize", \ 54*b636d99dSDavid van Moolenbroek "memory", \ 55*b636d99dSDavid van Moolenbroek NULL \ 56*b636d99dSDavid van Moolenbroek } 57*b636d99dSDavid van Moolenbroek 58*b636d99dSDavid van Moolenbroek #define PF_RULESET_NAME_SIZE 16 59*b636d99dSDavid van Moolenbroek 60*b636d99dSDavid van Moolenbroek /* from $OpenBSD: if_pflog.h,v 1.9 2003/07/15 20:27:27 dhartmei Exp $ */ 61*b636d99dSDavid van Moolenbroek 62*b636d99dSDavid van Moolenbroek #ifndef IFNAMSIZ 63*b636d99dSDavid van Moolenbroek #define IFNAMSIZ 16 64*b636d99dSDavid van Moolenbroek #endif 65*b636d99dSDavid van Moolenbroek 66*b636d99dSDavid van Moolenbroek struct pfloghdr { 67*b636d99dSDavid van Moolenbroek u_int8_t length; 68*b636d99dSDavid van Moolenbroek u_int8_t af; 69*b636d99dSDavid van Moolenbroek u_int8_t action; 70*b636d99dSDavid van Moolenbroek u_int8_t reason; 71*b636d99dSDavid van Moolenbroek char ifname[IFNAMSIZ]; 72*b636d99dSDavid van Moolenbroek char ruleset[PF_RULESET_NAME_SIZE]; 73*b636d99dSDavid van Moolenbroek u_int32_t rulenr; 74*b636d99dSDavid van Moolenbroek u_int32_t subrulenr; 75*b636d99dSDavid van Moolenbroek u_int8_t dir; 76*b636d99dSDavid van Moolenbroek u_int8_t pad[3]; 77*b636d99dSDavid van Moolenbroek }; 78*b636d99dSDavid van Moolenbroek #define PFLOG_HDRLEN sizeof(struct pfloghdr) 79