1*2393Syz155240 /* 2*2393Syz155240 * Copyright (C) 1993-2001 by Darren Reed. 3*2393Syz155240 * 4*2393Syz155240 * See the IPFILTER.LICENCE file for details on licencing. 5*2393Syz155240 * 6*2393Syz155240 * @(#)ip_fil.h 1.35 6/5/96 7*2393Syz155240 * $Id: ipmon.h,v 2.8 2003/07/25 22:16:20 darrenr Exp $ 8*2393Syz155240 */ 9*2393Syz155240 10*2393Syz155240 11*2393Syz155240 typedef struct ipmon_action { 12*2393Syz155240 struct ipmon_action *ac_next; 13*2393Syz155240 int ac_mflag; /* collection of things to compare */ 14*2393Syz155240 int ac_dflag; /* flags to compliment the doing fields */ 15*2393Syz155240 int ac_syslog; /* = 1 to syslog rules. */ 16*2393Syz155240 char *ac_savefile; /* filename to save log records to */ 17*2393Syz155240 FILE *ac_savefp; 18*2393Syz155240 int ac_direction; 19*2393Syz155240 char ac_group[FR_GROUPLEN]; 20*2393Syz155240 char ac_nattag[16]; 21*2393Syz155240 u_32_t ac_logtag; 22*2393Syz155240 int ac_type; /* nat/state/ipf */ 23*2393Syz155240 int ac_proto; 24*2393Syz155240 int ac_rule; 25*2393Syz155240 int ac_packet; 26*2393Syz155240 int ac_second; 27*2393Syz155240 int ac_result; 28*2393Syz155240 u_32_t ac_sip; 29*2393Syz155240 u_32_t ac_smsk; 30*2393Syz155240 u_32_t ac_dip; 31*2393Syz155240 u_32_t ac_dmsk; 32*2393Syz155240 u_short ac_sport; 33*2393Syz155240 u_short ac_dport; 34*2393Syz155240 char *ac_exec; /* execute argument */ 35*2393Syz155240 char *ac_run; /* actual command that gets run */ 36*2393Syz155240 char *ac_iface; 37*2393Syz155240 /* 38*2393Syz155240 * used with ac_packet/ac_second 39*2393Syz155240 */ 40*2393Syz155240 struct timeval ac_last; 41*2393Syz155240 int ac_pktcnt; 42*2393Syz155240 } ipmon_action_t; 43*2393Syz155240 44*2393Syz155240 #define ac_lastsec ac_last.tv_sec 45*2393Syz155240 #define ac_lastusec ac_last.tv_usec 46*2393Syz155240 47*2393Syz155240 /* 48*2393Syz155240 * Flags indicating what fields to do matching upon (ac_mflag). 49*2393Syz155240 */ 50*2393Syz155240 #define IPMAC_DIRECTION 0x0001 51*2393Syz155240 #define IPMAC_DSTIP 0x0002 52*2393Syz155240 #define IPMAC_DSTPORT 0x0004 53*2393Syz155240 #define IPMAC_EVERY 0x0008 54*2393Syz155240 #define IPMAC_GROUP 0x0010 55*2393Syz155240 #define IPMAC_INTERFACE 0x0020 56*2393Syz155240 #define IPMAC_LOGTAG 0x0040 57*2393Syz155240 #define IPMAC_NATTAG 0x0080 58*2393Syz155240 #define IPMAC_PROTOCOL 0x0100 59*2393Syz155240 #define IPMAC_RESULT 0x0200 60*2393Syz155240 #define IPMAC_RULE 0x0400 61*2393Syz155240 #define IPMAC_SRCIP 0x0800 62*2393Syz155240 #define IPMAC_SRCPORT 0x1000 63*2393Syz155240 #define IPMAC_TYPE 0x2000 64*2393Syz155240 #define IPMAC_WITH 0x4000 65*2393Syz155240 66*2393Syz155240 #define IPMR_BLOCK 1 67*2393Syz155240 #define IPMR_PASS 2 68*2393Syz155240 #define IPMR_NOMATCH 3 69*2393Syz155240 #define IPMR_LOG 4 70*2393Syz155240 71*2393Syz155240 #define IPMDO_SAVERAW 0x0001 72*2393Syz155240 73*2393Syz155240 #define OPT_SYSLOG 0x001 74*2393Syz155240 #define OPT_RESOLVE 0x002 75*2393Syz155240 #define OPT_HEXBODY 0x004 76*2393Syz155240 #define OPT_VERBOSE 0x008 77*2393Syz155240 #define OPT_HEXHDR 0x010 78*2393Syz155240 #define OPT_TAIL 0x020 79*2393Syz155240 #define OPT_NAT 0x080 80*2393Syz155240 #define OPT_STATE 0x100 81*2393Syz155240 #define OPT_FILTER 0x200 82*2393Syz155240 #define OPT_PORTNUM 0x400 83*2393Syz155240 #define OPT_LOGALL (OPT_NAT|OPT_STATE|OPT_FILTER) 84*2393Syz155240 85*2393Syz155240 #define HOSTNAME_V4(a,b) hostname((a), 4, (u_32_t *)&(b)) 86*2393Syz155240 87*2393Syz155240 #ifndef LOGFAC 88*2393Syz155240 #define LOGFAC LOG_LOCAL0 89*2393Syz155240 #endif 90*2393Syz155240 91*2393Syz155240 extern int load_config __P((char *)); 92*2393Syz155240 extern void dumphex __P((FILE *, int, char *, int)); 93*2393Syz155240 extern int check_action __P((char *, char *, int, int)); 94*2393Syz155240 extern char *getword __P((int)); 95