xref: /onnv-gate/usr/src/uts/common/inet/ipf/ipf.h (revision 13093:48f2dbca79a2) 
12393Syz155240 /*
22393Syz155240  * Copyright (C) 1993-2001, 2003 by Darren Reed.
32393Syz155240  *
42393Syz155240  * See the IPFILTER.LICENCE file for details on licencing.
52393Syz155240  *
62393Syz155240  * @(#)ipf.h	1.12 6/5/96
72393Syz155240  * $Id: ipf.h,v 2.71.2.7 2005/06/12 07:18:31 darrenr Exp $
82393Syz155240  *
9*13093SRoger.Faulkner@Oracle.COM  * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
102393Syz155240  */
112393Syz155240 
122393Syz155240 #ifndef	__IPF_H__
132393Syz155240 #define	__IPF_H__
142393Syz155240 
152393Syz155240 #if defined(__osf__)
162393Syz155240 # define radix_mask ipf_radix_mask
172393Syz155240 # define radix_node ipf_radix_node
182393Syz155240 # define radix_node_head ipf_radix_node_head
192393Syz155240 #endif
202393Syz155240 
212393Syz155240 #include <sys/param.h>
222393Syz155240 #include <sys/types.h>
232393Syz155240 #include <sys/file.h>
242393Syz155240 /*
252393Syz155240  * This is a workaround for <sys/uio.h> troubles on FreeBSD, HPUX, OpenBSD.
262393Syz155240  * Needed here because on some systems <sys/uio.h> gets included by things
272393Syz155240  * like <sys/socket.h>
282393Syz155240  */
292393Syz155240 #ifndef _KERNEL
302393Syz155240 # define ADD_KERNEL
312393Syz155240 # define _KERNEL
322393Syz155240 # define KERNEL
332393Syz155240 #endif
342393Syz155240 #ifdef __OpenBSD__
352393Syz155240 struct file;
362393Syz155240 #endif
372393Syz155240 #include <sys/uio.h>
382393Syz155240 #ifdef ADD_KERNEL
392393Syz155240 # undef _KERNEL
402393Syz155240 # undef KERNEL
412393Syz155240 #endif
422393Syz155240 #include <sys/time.h>
432393Syz155240 #include <sys/socket.h>
442393Syz155240 #include <net/if.h>
452393Syz155240 #if __FreeBSD_version >= 300000
462393Syz155240 # include <net/if_var.h>
472393Syz155240 #endif
482393Syz155240 #include <netinet/in.h>
492393Syz155240 #include <netinet/in_systm.h>
502393Syz155240 #include <netinet/ip.h>
512393Syz155240 #include <netinet/ip_icmp.h>
522393Syz155240 #ifndef	TCP_PAWS_IDLE	/* IRIX */
532393Syz155240 # include <netinet/tcp.h>
542393Syz155240 #endif
552393Syz155240 #include <netinet/udp.h>
562393Syz155240 
572393Syz155240 #include <arpa/inet.h>
582393Syz155240 
592393Syz155240 #include <errno.h>
602393Syz155240 #include <limits.h>
612393Syz155240 #include <netdb.h>
622393Syz155240 #include <stdlib.h>
632393Syz155240 #include <stddef.h>
642393Syz155240 #include <stdio.h>
652393Syz155240 #if !defined(__SVR4) && !defined(__svr4__) && defined(sun)
662393Syz155240 # include <strings.h>
672393Syz155240 #endif
682393Syz155240 #include <string.h>
692393Syz155240 #include <unistd.h>
702393Syz155240 
713448Sdh155122 #include "netinet/ipf_stack.h"
722393Syz155240 #include "netinet/ip_compat.h"
732393Syz155240 #include "netinet/ip_fil.h"
742393Syz155240 #include "netinet/ip_nat.h"
752393Syz155240 #include "netinet/ip_frag.h"
762393Syz155240 #include "netinet/ip_state.h"
772393Syz155240 #include "netinet/ip_proxy.h"
782393Syz155240 #include "netinet/ip_auth.h"
792393Syz155240 #include "netinet/ip_lookup.h"
802393Syz155240 #include "netinet/ip_pool.h"
812393Syz155240 #ifdef IPFILTER_SCAN
822393Syz155240 #include "netinet/ip_scan.h"
832393Syz155240 #endif
842393Syz155240 #include "netinet/ip_htable.h"
852393Syz155240 #ifdef IPFILTER_SYNC
862393Syz155240 #include "netinet/ip_sync.h"
872393Syz155240 #endif
882393Syz155240 
892393Syz155240 #include "opts.h"
902393Syz155240 
912393Syz155240 #ifndef __P
922393Syz155240 # ifdef __STDC__
932393Syz155240 #  define	__P(x)	x
942393Syz155240 # else
952393Syz155240 #  define	__P(x)	()
962393Syz155240 # endif
972393Syz155240 #endif
982393Syz155240 #ifndef __STDC__
992393Syz155240 # undef		const
1002393Syz155240 # define	const
1012393Syz155240 #endif
1022393Syz155240 
1032393Syz155240 #ifndef	U_32_T
1042393Syz155240 # define	U_32_T	1
1052393Syz155240 # if defined(__NetBSD__) || defined(__OpenBSD__) || defined(__FreeBSD__) || \
1062393Syz155240     defined(__sgi)
1072393Syz155240 typedef	u_int32_t	u_32_t;
1082393Syz155240 # else
1092393Syz155240 #  if defined(__alpha__) || defined(__alpha) || defined(_LP64)
1102393Syz155240 typedef unsigned int	u_32_t;
1112393Syz155240 #  else
1122393Syz155240 #   if SOLARIS2 >= 6
1132393Syz155240 typedef uint32_t	u_32_t;
1142393Syz155240 #   else
1152393Syz155240 typedef unsigned int	u_32_t;
1162393Syz155240 #   endif
1172393Syz155240 #  endif
1182393Syz155240 # endif /* __NetBSD__ || __OpenBSD__ || __FreeBSD__ || __sgi */
1192393Syz155240 #endif /* U_32_T */
1202393Syz155240 
1212393Syz155240 #ifndef	MAXHOSTNAMELEN
1222393Syz155240 # define	MAXHOSTNAMELEN	256
1232393Syz155240 #endif
1242393Syz155240 
1252393Syz155240 #define	MAX_ICMPCODE	16
1262393Syz155240 #define	MAX_ICMPTYPE	19
1272393Syz155240 
1282393Syz155240 
1292393Syz155240 struct	ipopt_names	{
1302393Syz155240 	int	on_value;
1312393Syz155240 	int	on_bit;
1322393Syz155240 	int	on_siz;
1332393Syz155240 	char	*on_name;
1342393Syz155240 };
1352393Syz155240 
1362393Syz155240 
1372393Syz155240 typedef struct  alist_s {
1382393Syz155240 	struct	alist_s	*al_next;
1392393Syz155240 	int		al_not;
1402393Syz155240 	sa_family_t	al_family;
1412393Syz155240 	i6addr_t	al_i6addr;
1422393Syz155240 	i6addr_t	al_i6mask;
1432393Syz155240 } alist_t;
1442393Syz155240 
1452393Syz155240 #define	al_addr	al_i6addr.in4_addr
1462393Syz155240 #define	al_mask	al_i6mask.in4_addr
1472393Syz155240 #define	al_1	al_addr
1482393Syz155240 #define	al_2	al_mask
1492393Syz155240 
1502393Syz155240 
1512393Syz155240 typedef	struct	{
1522393Syz155240 	u_short	fb_c;
1532393Syz155240 	u_char	fb_t;
1542393Syz155240 	u_char	fb_f;
1552393Syz155240 	u_32_t	fb_k;
1562393Syz155240 } fakebpf_t;
1572393Syz155240 
1582393Syz155240 
1592393Syz155240 #if defined(__NetBSD__) || defined(__OpenBSD__) || \
1602393Syz155240         (_BSDI_VERSION >= 199701) || (__FreeBSD_version >= 300000) || \
1612393Syz155240 	SOLARIS || defined(__sgi) || defined(__osf__) || defined(linux)
1622393Syz155240 # include <stdarg.h>
1632393Syz155240 typedef	int	(* ioctlfunc_t) __P((int, ioctlcmd_t, ...));
1642393Syz155240 #else
1652393Syz155240 typedef	int	(* ioctlfunc_t) __P((dev_t, ioctlcmd_t, void *));
1662393Syz155240 #endif
1672393Syz155240 typedef	void	(* addfunc_t) __P((int, ioctlfunc_t, void *));
1682393Syz155240 typedef	int	(* copyfunc_t) __P((void *, void *, size_t));
1692393Syz155240 
1702393Syz155240 
1712393Syz155240 /*
1722393Syz155240  * SunOS4
1732393Syz155240  */
1742393Syz155240 #if defined(sun) && !defined(__SVR4) && !defined(__svr4__)
1752393Syz155240 extern	int	ioctl __P((int, int, void *));
1762393Syz155240 #endif
1772393Syz155240 
1782393Syz155240 extern	char	thishost[];
1792393Syz155240 extern	char	flagset[];
1802393Syz155240 extern	u_char	flags[];
1812393Syz155240 extern	struct ipopt_names ionames[];
1822393Syz155240 extern	struct ipopt_names secclass[];
1832393Syz155240 extern	char	*icmpcodes[MAX_ICMPCODE + 1];
1842393Syz155240 extern	char	*icmptypes[MAX_ICMPTYPE + 1];
1852393Syz155240 extern	int	use_inet6;
1862393Syz155240 extern	int	lineNum;
1872393Syz155240 extern	struct ipopt_names v6ionames[];
1882393Syz155240 
1892393Syz155240 
1902393Syz155240 extern int addicmp __P((char ***, struct frentry *, int));
1912393Syz155240 extern int addipopt __P((char *, struct ipopt_names *, int, char *));
1922393Syz155240 extern int addkeep __P((char ***, struct frentry *, int));
1932393Syz155240 extern int bcopywrap __P((void *, void *, size_t));
1942393Syz155240 extern void binprint __P((void *, size_t));
1952393Syz155240 extern void initparse __P((void));
1962393Syz155240 extern u_32_t buildopts __P((char *, char *, int));
1972393Syz155240 extern int checkrev __P((char *));
1982393Syz155240 extern int count6bits __P((u_32_t *));
1992393Syz155240 extern int count4bits __P((u_32_t));
2002393Syz155240 extern int extras __P((char ***, struct frentry *, int));
2012393Syz155240 extern char *fac_toname __P((int));
2022393Syz155240 extern int fac_findname __P((char *));
2032393Syz155240 extern void fill6bits __P((int, u_int *));
2042609Sjojemann extern int gethost __P((char *, i6addr_t *, int));
2052393Syz155240 extern int getport __P((struct frentry *, char *, u_short *));
2062393Syz155240 extern int getportproto __P((char *, int));
2072393Syz155240 extern int getproto __P((char *));
208*13093SRoger.Faulkner@Oracle.COM extern char *getaline __P((char *, size_t, FILE *, int *));
2092393Syz155240 extern int genmask __P((char *, u_32_t *));
2103448Sdh155122 extern char *getnattype __P((struct nat *, int));
2112393Syz155240 extern char *getsumd __P((u_32_t));
2122393Syz155240 extern u_32_t getoptbyname __P((char *));
2132393Syz155240 extern u_32_t getoptbyvalue __P((int));
2142393Syz155240 extern u_32_t getv6optbyname __P((char *));
2152393Syz155240 extern u_32_t getv6optbyvalue __P((int));
2162393Syz155240 extern void hexdump __P((FILE *, void *, int, int));
2172393Syz155240 extern int icmpcode __P((char *));
2182393Syz155240 extern void initparse __P((void));
2192393Syz155240 extern void ipf_dotuning __P((int, char *, ioctlfunc_t));
2202393Syz155240 extern void ipf_addrule __P((int, ioctlfunc_t, void *));
2212393Syz155240 extern int ipf_parsefile __P((int, addfunc_t, ioctlfunc_t *, char *));
2222393Syz155240 extern int ipf_parsesome __P((int, addfunc_t, ioctlfunc_t *, FILE *));
2232393Syz155240 extern int ipmon_parsefile __P((char *));
2242393Syz155240 extern int ipmon_parsesome __P((FILE *));
2252393Syz155240 extern void ipnat_addrule __P((int, ioctlfunc_t, void *));
2262393Syz155240 extern int ipnat_parsefile __P((int, addfunc_t, ioctlfunc_t, char *));
2272393Syz155240 extern int ipnat_parsesome __P((int, addfunc_t, ioctlfunc_t, FILE *));
2282393Syz155240 extern int ippool_parsefile __P((int, char *, ioctlfunc_t));
2292393Syz155240 extern int ippool_parsesome __P((int, FILE *, ioctlfunc_t));
2302393Syz155240 extern int kmemcpywrap __P((void *, void *, size_t));
2312393Syz155240 extern char *kvatoname __P((ipfunc_t, ioctlfunc_t));
2322393Syz155240 extern int load_hash __P((struct iphtable_s *, struct iphtent_s *,
2332393Syz155240 			  ioctlfunc_t));
2342393Syz155240 extern int load_hashnode __P((int, char *, struct iphtent_s *, ioctlfunc_t));
2352393Syz155240 extern int load_pool __P((struct ip_pool_s *list, ioctlfunc_t));
2362393Syz155240 extern int load_poolnode __P((int, char *, ip_pool_node_t *, ioctlfunc_t));
2372393Syz155240 extern int loglevel __P((char **, u_int *, int));
2382393Syz155240 extern alist_t *make_range __P((int, struct in_addr, struct in_addr));
2392393Syz155240 extern ipfunc_t nametokva __P((char *, ioctlfunc_t));
2402393Syz155240 extern void nat_setgroupmap __P((struct ipnat *));
2412393Syz155240 extern int ntomask __P((int, int, u_32_t *));
2422393Syz155240 extern u_32_t optname __P((char ***, u_short *, int));
2432393Syz155240 extern struct frentry *parse __P((char *, int));
2442393Syz155240 extern char *portname __P((int, int));
2452393Syz155240 extern int portnum __P((char *, char *, u_short *, int));
2462393Syz155240 extern int ports __P((char ***, char *, u_short *, int *, u_short *, int));
2472393Syz155240 extern int pri_findname __P((char *));
2482393Syz155240 extern char *pri_toname __P((int));
2492393Syz155240 extern void print_toif __P((char *, struct frdest *));
2507176Syx160601 extern void printaddr __P((int, int, char *, u_32_t *, u_32_t *));
2512393Syz155240 extern void printaps __P((ap_session_t *, int));
2522393Syz155240 extern void printbuf __P((char *, int, int));
2532393Syz155240 extern void printfr __P((struct frentry *, ioctlfunc_t));
2543448Sdh155122 extern struct iphtable_s *printhash_live __P((struct iphtable_s *, int, char*, int));
2553448Sdh155122 extern void printhashdata __P((struct iphtable_s *, int));
2562393Syz155240 extern void printtunable __P((ipftune_t *));
2572393Syz155240 extern struct iphtable_s *printhash __P((struct iphtable_s *, copyfunc_t,
2582393Syz155240 					 char *, int));
2592393Syz155240 extern struct iphtent_s *printhashnode __P((struct iphtable_s *,
2602393Syz155240 					    struct iphtent_s *,
2612393Syz155240 					    copyfunc_t, int));
2622393Syz155240 extern void printhostmask __P((int, u_32_t *, u_32_t *));
2632393Syz155240 extern void printip __P((u_32_t *));
2642393Syz155240 extern void printlog __P((struct frentry *));
2652393Syz155240 extern void printlookup __P((i6addr_t *addr, i6addr_t *mask));
2662393Syz155240 extern void printmask __P((int, u_32_t *));
2672393Syz155240 extern void printpacket __P((struct ip *));
2682393Syz155240 extern void printpacket6 __P((struct ip *));
2692393Syz155240 extern struct ip_pool_s *printpool __P((struct ip_pool_s *, copyfunc_t,
2702393Syz155240 					char *, int));
2713448Sdh155122 extern struct ip_pool_s *printpool_live __P((struct ip_pool_s *, int, char*, int));
2723448Sdh155122 extern void printpooldata __P((struct ip_pool_s *, int));
2732393Syz155240 extern struct ip_pool_node *printpoolnode __P((struct ip_pool_node *, int));
2742393Syz155240 extern void printproto __P((struct protoent *, int, struct ipnat *));
2752393Syz155240 extern void printportcmp __P((int, struct frpcmp *));
2762393Syz155240 extern void optprint __P((u_short *, u_long, u_long));
2772393Syz155240 #ifdef	USE_INET6
2782393Syz155240 extern void optprintv6 __P((u_short *, u_long, u_long));
2792393Syz155240 #endif
2802393Syz155240 extern int ratoi __P((char *, int *, int, int));
2812393Syz155240 extern int ratoui __P((char *, u_int *, u_int, u_int));
2822393Syz155240 extern int remove_hash __P((struct iphtable_s *, ioctlfunc_t));
2832393Syz155240 extern int remove_hashnode __P((int, char *, struct iphtent_s *, ioctlfunc_t));
2842393Syz155240 extern int remove_pool __P((ip_pool_t *, ioctlfunc_t));
2852393Syz155240 extern int remove_poolnode __P((int, char *, ip_pool_node_t *, ioctlfunc_t));
2862393Syz155240 extern u_char tcp_flags __P((char *, u_char *, int));
2872393Syz155240 extern u_char tcpflags __P((char *));
2882393Syz155240 extern void printc __P((struct frentry *));
2892393Syz155240 extern void printC __P((int));
2902393Syz155240 extern void emit __P((int, int, void *, struct frentry *));
2912393Syz155240 extern u_char secbit __P((int));
2922393Syz155240 extern u_char seclevel __P((char *));
2932393Syz155240 extern void printfraginfo __P((char *, struct ipfr *));
2942393Syz155240 extern void printifname __P((char *, char *, void *));
2952393Syz155240 extern char *hostname __P((int, void *));
2962393Syz155240 extern struct ipstate *printstate __P((struct ipstate *, int, u_long));
2972393Syz155240 extern void printsbuf __P((char *));
2982393Syz155240 extern void printnat __P((struct ipnat *, int));
2997176Syx160601 extern void printactiveaddress __P((int, char *, i6addr_t *, char *));
3003448Sdh155122 extern void printactivenat __P((struct nat *, int, int));
3012393Syz155240 extern void printhostmap __P((struct hostmap *, u_int));
3022393Syz155240 extern void printpacket __P((struct ip *));
3032393Syz155240 
3042393Syz155240 extern void set_variable __P((char *, char *));
3052393Syz155240 extern char *get_variable __P((char *, char **, int));
3062393Syz155240 extern void resetlexer __P((void));
3072393Syz155240 
3082393Syz155240 #if SOLARIS
3092393Syz155240 extern int gethostname __P((char *, int ));
3102393Syz155240 extern void sync __P((void));
3112393Syz155240 #endif
3122393Syz155240 
3132393Syz155240 #endif /* __IPF_H__ */
314