| ipfw2.h (200567) | ipfw2.h (204591) |
|---|---|
| 1/* 2 * Copyright (c) 2002-2003 Luigi Rizzo 3 * Copyright (c) 1996 Alex Nash, Paul Traina, Poul-Henning Kamp 4 * Copyright (c) 1994 Ugen J.S.Antsilevich 5 * 6 * Idea and grammar partially left from: 7 * Copyright (c) 1993 Daniel Boulet 8 * 9 * Redistribution and use in source forms, with and without modification, 10 * are permitted provided that this entire comment appears intact. 11 * 12 * Redistribution in binary form may occur without any restrictions. 13 * Obviously, it would be nice if you gave credit where credit is due 14 * but requiring it would be too onerous. 15 * 16 * This software is provided ``AS IS'' without any warranties of any kind. 17 * 18 * NEW command line interface for IP firewall facility 19 * | 1/* 2 * Copyright (c) 2002-2003 Luigi Rizzo 3 * Copyright (c) 1996 Alex Nash, Paul Traina, Poul-Henning Kamp 4 * Copyright (c) 1994 Ugen J.S.Antsilevich 5 * 6 * Idea and grammar partially left from: 7 * Copyright (c) 1993 Daniel Boulet 8 * 9 * Redistribution and use in source forms, with and without modification, 10 * are permitted provided that this entire comment appears intact. 11 * 12 * Redistribution in binary form may occur without any restrictions. 13 * Obviously, it would be nice if you gave credit where credit is due 14 * but requiring it would be too onerous. 15 * 16 * This software is provided ``AS IS'' without any warranties of any kind. 17 * 18 * NEW command line interface for IP firewall facility 19 * |
| 20 * $FreeBSD: head/sbin/ipfw/ipfw2.h 200567 2009-12-15 09:46:27Z luigi $ | 20 * $FreeBSD: head/sbin/ipfw/ipfw2.h 204591 2010-03-02 17:40:48Z luigi $ |
| 21 */ 22 23/* 24 * Options that can be set on the command line. 25 * When reading commands from a file, a subset of the options can also 26 * be applied globally by specifying them before the file name. 27 * After that, each line can contain its own option that changes 28 * the global value. 29 * XXX The context is not restored after each line. 30 */ 31 32struct cmdline_opts { 33 /* boolean options: */ 34 int do_value_as_ip; /* show table value as IP */ 35 int do_resolv; /* try to resolve all ip to names */ 36 int do_time; /* Show time stamps */ 37 int do_quiet; /* Be quiet in add and flush */ | 21 */ 22 23/* 24 * Options that can be set on the command line. 25 * When reading commands from a file, a subset of the options can also 26 * be applied globally by specifying them before the file name. 27 * After that, each line can contain its own option that changes 28 * the global value. 29 * XXX The context is not restored after each line. 30 */ 31 32struct cmdline_opts { 33 /* boolean options: */ 34 int do_value_as_ip; /* show table value as IP */ 35 int do_resolv; /* try to resolve all ip to names */ 36 int do_time; /* Show time stamps */ 37 int do_quiet; /* Be quiet in add and flush */ |
| 38 int do_pipe; /* this cmd refers to a pipe */ | 38 int do_pipe; /* this cmd refers to a pipe/queue/sched */ |
| 39 int do_nat; /* this cmd refers to a nat config */ 40 int do_dynamic; /* display dynamic rules */ 41 int do_expired; /* display expired dynamic rules */ 42 int do_compact; /* show rules in compact mode */ 43 int do_force; /* do not ask for confirmation */ 44 int show_sets; /* display the set each rule belongs to */ 45 int test_only; /* only check syntax */ 46 int comment_only; /* only print action and comment */ --- 30 unchanged lines hidden (view full) --- 77 TOK_OR, 78 TOK_NOT, 79 TOK_STARTBRACE, 80 TOK_ENDBRACE, 81 82 TOK_ACCEPT, 83 TOK_COUNT, 84 TOK_PIPE, | 39 int do_nat; /* this cmd refers to a nat config */ 40 int do_dynamic; /* display dynamic rules */ 41 int do_expired; /* display expired dynamic rules */ 42 int do_compact; /* show rules in compact mode */ 43 int do_force; /* do not ask for confirmation */ 44 int show_sets; /* display the set each rule belongs to */ 45 int test_only; /* only check syntax */ 46 int comment_only; /* only print action and comment */ --- 30 unchanged lines hidden (view full) --- 77 TOK_OR, 78 TOK_NOT, 79 TOK_STARTBRACE, 80 TOK_ENDBRACE, 81 82 TOK_ACCEPT, 83 TOK_COUNT, 84 TOK_PIPE, |
| 85 TOK_LINK, |
|
| 85 TOK_QUEUE, | 86 TOK_QUEUE, |
| 87 TOK_FLOWSET, 88 TOK_SCHED, |
|
| 86 TOK_DIVERT, 87 TOK_TEE, 88 TOK_NETGRAPH, 89 TOK_NGTEE, 90 TOK_FORWARD, 91 TOK_SKIPTO, 92 TOK_DENY, 93 TOK_REJECT, --- 52 unchanged lines hidden (view full) --- 146 TOK_NOERROR, 147 TOK_BUCKETS, 148 TOK_DSTIP, 149 TOK_SRCIP, 150 TOK_DSTPORT, 151 TOK_SRCPORT, 152 TOK_ALL, 153 TOK_MASK, | 89 TOK_DIVERT, 90 TOK_TEE, 91 TOK_NETGRAPH, 92 TOK_NGTEE, 93 TOK_FORWARD, 94 TOK_SKIPTO, 95 TOK_DENY, 96 TOK_REJECT, --- 52 unchanged lines hidden (view full) --- 149 TOK_NOERROR, 150 TOK_BUCKETS, 151 TOK_DSTIP, 152 TOK_SRCIP, 153 TOK_DSTPORT, 154 TOK_SRCPORT, 155 TOK_ALL, 156 TOK_MASK, |
| 157 TOK_FLOW_MASK, 158 TOK_SCHED_MASK, |
|
| 154 TOK_BW, 155 TOK_DELAY, | 159 TOK_BW, 160 TOK_DELAY, |
| 156 TOK_PIPE_PROFILE, | 161 TOK_PROFILE, |
| 157 TOK_BURST, 158 TOK_RED, 159 TOK_GRED, 160 TOK_DROPTAIL, 161 TOK_PROTO, | 162 TOK_BURST, 163 TOK_RED, 164 TOK_GRED, 165 TOK_DROPTAIL, 166 TOK_PROTO, |
| 167 /* dummynet tokens */ |
|
| 162 TOK_WEIGHT, | 168 TOK_WEIGHT, |
| 169 TOK_LMAX, 170 TOK_PRI, 171 TOK_TYPE, 172 TOK_SLOTSIZE, 173 |
|
| 163 TOK_IP, 164 TOK_IF, 165 TOK_ALOG, 166 TOK_DENY_INC, 167 TOK_SAME_PORTS, 168 TOK_UNREG_ONLY, 169 TOK_RESET_ADDR, 170 TOK_ALIAS_REV, --- 16 unchanged lines hidden (view full) --- 187 TOK_FIB, 188 TOK_SETFIB, 189 TOK_LOOKUP, 190}; 191/* 192 * the following macro returns an error message if we run out of 193 * arguments. 194 */ | 174 TOK_IP, 175 TOK_IF, 176 TOK_ALOG, 177 TOK_DENY_INC, 178 TOK_SAME_PORTS, 179 TOK_UNREG_ONLY, 180 TOK_RESET_ADDR, 181 TOK_ALIAS_REV, --- 16 unchanged lines hidden (view full) --- 198 TOK_FIB, 199 TOK_SETFIB, 200 TOK_LOOKUP, 201}; 202/* 203 * the following macro returns an error message if we run out of 204 * arguments. 205 */ |
| 195#define NEED1(msg) {if (!ac) errx(EX_USAGE, msg);} | 206#define NEED(_p, msg) {if (!_p) errx(EX_USAGE, msg);} 207#define NEED1(msg) {if (!(*av)) errx(EX_USAGE, msg);} |
| 196 197unsigned long long align_uint64(const uint64_t *pll); 198 199/* memory allocation support */ 200void *safe_calloc(size_t number, size_t size); 201void *safe_realloc(void *ptr, size_t size); 202 203/* string comparison functions used for historical compatibility */ --- 27 unchanged lines hidden (view full) --- 231/* 232 * The reserved set numer. This is a constant in ip_fw.h 233 * but we store it in a variable so other files do not depend 234 * in that header just for one constant. 235 */ 236extern int resvd_set_number; 237 238/* first-level command handlers */ | 208 209unsigned long long align_uint64(const uint64_t *pll); 210 211/* memory allocation support */ 212void *safe_calloc(size_t number, size_t size); 213void *safe_realloc(void *ptr, size_t size); 214 215/* string comparison functions used for historical compatibility */ --- 27 unchanged lines hidden (view full) --- 243/* 244 * The reserved set numer. This is a constant in ip_fw.h 245 * but we store it in a variable so other files do not depend 246 * in that header just for one constant. 247 */ 248extern int resvd_set_number; 249 250/* first-level command handlers */ |
| 239void ipfw_add(int ac, char *av[]); | 251void ipfw_add(char *av[]); |
| 240void ipfw_show_nat(int ac, char **av); 241void ipfw_config_pipe(int ac, char **av); 242void ipfw_config_nat(int ac, char **av); | 252void ipfw_show_nat(int ac, char **av); 253void ipfw_config_pipe(int ac, char **av); 254void ipfw_config_nat(int ac, char **av); |
| 243void ipfw_sets_handler(int ac, char *av[]); | 255void ipfw_sets_handler(char *av[]); |
| 244void ipfw_table_handler(int ac, char *av[]); | 256void ipfw_table_handler(int ac, char *av[]); |
| 245void ipfw_sysctl_handler(int ac, char *av[], int which); 246void ipfw_delete(int ac, char *av[]); | 257void ipfw_sysctl_handler(char *av[], int which); 258void ipfw_delete(char *av[]); |
| 247void ipfw_flush(int force); 248void ipfw_zero(int ac, char *av[], int optname); 249void ipfw_list(int ac, char *av[], int show_counters); 250 251/* altq.c */ 252void altq_set_enabled(int enabled); 253u_int32_t altq_name_to_qid(const char *name); 254 255void print_altq_cmd(struct _ipfw_insn_altq *altqptr); 256 257/* dummynet.c */ | 259void ipfw_flush(int force); 260void ipfw_zero(int ac, char *av[], int optname); 261void ipfw_list(int ac, char *av[], int show_counters); 262 263/* altq.c */ 264void altq_set_enabled(int enabled); 265u_int32_t altq_name_to_qid(const char *name); 266 267void print_altq_cmd(struct _ipfw_insn_altq *altqptr); 268 269/* dummynet.c */ |
| 258void ipfw_list_pipes(void *data, uint nbytes, int ac, char *av[]); | 270void dummynet_list(int ac, char *av[], int show_counters); 271void dummynet_flush(void); |
| 259int ipfw_delete_pipe(int pipe_or_queue, int n); 260 261/* ipv6.c */ 262void print_unreach6_code(uint16_t code); 263void print_ip6(struct _ipfw_insn_ip6 *cmd, char const *s); 264void print_flow6id(struct _ipfw_insn_u32 *cmd); 265void print_icmp6types(struct _ipfw_insn_u32 *cmd); 266void print_ext6hdr(struct _ipfw_insn *cmd ); 267 268struct _ipfw_insn *add_srcip6(struct _ipfw_insn *cmd, char *av); 269struct _ipfw_insn *add_dstip6(struct _ipfw_insn *cmd, char *av); 270 271void fill_flow6(struct _ipfw_insn_u32 *cmd, char *av ); 272void fill_unreach6_code(u_short *codep, char *str); 273void fill_icmp6types(struct _ipfw_insn_icmp6 *cmd, char *av); 274int fill_ext6hdr(struct _ipfw_insn *cmd, char *av); | 272int ipfw_delete_pipe(int pipe_or_queue, int n); 273 274/* ipv6.c */ 275void print_unreach6_code(uint16_t code); 276void print_ip6(struct _ipfw_insn_ip6 *cmd, char const *s); 277void print_flow6id(struct _ipfw_insn_u32 *cmd); 278void print_icmp6types(struct _ipfw_insn_u32 *cmd); 279void print_ext6hdr(struct _ipfw_insn *cmd ); 280 281struct _ipfw_insn *add_srcip6(struct _ipfw_insn *cmd, char *av); 282struct _ipfw_insn *add_dstip6(struct _ipfw_insn *cmd, char *av); 283 284void fill_flow6(struct _ipfw_insn_u32 *cmd, char *av ); 285void fill_unreach6_code(u_short *codep, char *str); 286void fill_icmp6types(struct _ipfw_insn_icmp6 *cmd, char *av); 287int fill_ext6hdr(struct _ipfw_insn *cmd, char *av); |