174778Sbrian/* lint -save -library Flexelint comment for external headers */ 226026Sbrian 374778Sbrian/*- 485964Sbrian * Copyright (c) 2001 Charles Mott <cm@linktel.net> 577701Sbrian * All rights reserved. 677701Sbrian * 777701Sbrian * Redistribution and use in source and binary forms, with or without 877701Sbrian * modification, are permitted provided that the following conditions 977701Sbrian * are met: 1077701Sbrian * 1. Redistributions of source code must retain the above copyright 1177701Sbrian * notice, this list of conditions and the following disclaimer. 1277701Sbrian * 2. Redistributions in binary form must reproduce the above copyright 1377701Sbrian * notice, this list of conditions and the following disclaimer in the 1477701Sbrian * documentation and/or other materials provided with the distribution. 1577701Sbrian * 1677701Sbrian * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 1777701Sbrian * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 1877701Sbrian * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 1977701Sbrian * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 2077701Sbrian * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 2177701Sbrian * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 2277701Sbrian * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 2377701Sbrian * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 2477701Sbrian * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 2577701Sbrian * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 2677701Sbrian * SUCH DAMAGE. 2777701Sbrian * 2877701Sbrian * $FreeBSD: releng/10.2/sys/netinet/libalias/alias.h 223080 2011-06-14 13:35:24Z ae $ 2977701Sbrian */ 3077701Sbrian 31162674Spiso/* 3274778Sbrian * Alias.h defines the outside world interfaces for the packet aliasing 3374778Sbrian * software. 3499207Sbrian * 3574778Sbrian * This software is placed into the public domain with no restrictions on its 3674778Sbrian * distribution. 3774778Sbrian */ 3826026Sbrian 3926026Sbrian#ifndef _ALIAS_H_ 4074778Sbrian#define _ALIAS_H_ 4126026Sbrian 42162674Spiso#include <netinet/in_systm.h> 43162674Spiso#include <netinet/in.h> 44162674Spiso#include <netinet/ip.h> 45162674Spiso 46162674Spiso#define LIBALIAS_BUF_SIZE 128 47145931Sglebius#ifdef _KERNEL 48124621Sphk/* 49145931Sglebius * The kernel version of libalias does not support these features. 50145931Sglebius */ 51145931Sglebius#define NO_FW_PUNCH 52145931Sglebius#define NO_USE_SOCKETS 53145931Sglebius#endif 54145931Sglebius 55145931Sglebius/* 56124621Sphk * The external interface to libalias, the packet aliasing engine. 57124621Sphk * 58124621Sphk * There are two sets of functions: 59124621Sphk * 60124621Sphk * PacketAlias*() the old API which doesn't take an instance pointer 61124621Sphk * and therefore can only have one packet engine at a time. 62124621Sphk * 63127094Sdes * LibAlias*() the new API which takes as first argument a pointer to 64124621Sphk * the instance of the packet aliasing engine. 65124621Sphk * 66124621Sphk * The functions otherwise correspond to each other one for one, except 67127094Sdes * for the LibAliasUnaliasOut()/PacketUnaliasOut() function which were 68124621Sphk * were misnamed in the old API. 69124621Sphk */ 7026026Sbrian 71124621Sphk/* 72124621Sphk * The instance structure 73124621Sphk */ 74124621Sphkstruct libalias; 75124621Sphk 76124621Sphk/* 77124621Sphk * An anonymous structure, a pointer to which is returned from 78124621Sphk * PacketAliasRedirectAddr(), PacketAliasRedirectPort() or 79124621Sphk * PacketAliasRedirectProto(), passed to PacketAliasAddServer(), 80124621Sphk * and freed by PacketAliasRedirectDelete(). 81124621Sphk */ 82127094Sdesstruct alias_link; 83124621Sphk 8474778Sbrian/* Initialization and control functions. */ 85127094Sdesstruct libalias *LibAliasInit(struct libalias *); 86127094Sdesvoid LibAliasSetAddress(struct libalias *, struct in_addr _addr); 87127094Sdesvoid LibAliasSetFWBase(struct libalias *, unsigned int _base, unsigned int _num); 88127094Sdesvoid LibAliasSetSkinnyPort(struct libalias *, unsigned int _port); 89124621Sphkunsigned int 90127094Sdes LibAliasSetMode(struct libalias *, unsigned int _flags, unsigned int _mask); 91127094Sdesvoid LibAliasUninit(struct libalias *); 92124621Sphk 93124621Sphk/* Packet Handling functions. */ 94127094Sdesint LibAliasIn (struct libalias *, char *_ptr, int _maxpacketsize); 95127094Sdesint LibAliasOut(struct libalias *, char *_ptr, int _maxpacketsize); 96131566Sphkint LibAliasOutTry(struct libalias *, char *_ptr, int _maxpacketsize, int _create); 97127094Sdesint LibAliasUnaliasOut(struct libalias *, char *_ptr, int _maxpacketsize); 98124621Sphk 99124621Sphk/* Port and address redirection functions. */ 100124621Sphk 101127094Sdesint 102131614SdesLibAliasAddServer(struct libalias *, struct alias_link *_lnk, 103127094Sdes struct in_addr _addr, unsigned short _port); 104124621Sphkstruct alias_link * 105127094SdesLibAliasRedirectAddr(struct libalias *, struct in_addr _src_addr, 106127094Sdes struct in_addr _alias_addr); 107131614Sdesint LibAliasRedirectDynamic(struct libalias *, struct alias_link *_lnk); 108131614Sdesvoid LibAliasRedirectDelete(struct libalias *, struct alias_link *_lnk); 109124621Sphkstruct alias_link * 110127094SdesLibAliasRedirectPort(struct libalias *, struct in_addr _src_addr, 111127094Sdes unsigned short _src_port, struct in_addr _dst_addr, 112127094Sdes unsigned short _dst_port, struct in_addr _alias_addr, 113127094Sdes unsigned short _alias_port, unsigned char _proto); 114124621Sphkstruct alias_link * 115127094SdesLibAliasRedirectProto(struct libalias *, struct in_addr _src_addr, 116127094Sdes struct in_addr _dst_addr, struct in_addr _alias_addr, 117127094Sdes unsigned char _proto); 118124621Sphk 119124621Sphk/* Fragment Handling functions. */ 120127094Sdesvoid LibAliasFragmentIn(struct libalias *, char *_ptr, char *_ptr_fragment); 121127094Sdeschar *LibAliasGetFragment(struct libalias *, char *_ptr); 122127094Sdesint LibAliasSaveFragment(struct libalias *, char *_ptr); 123124621Sphk 124124621Sphk/* Miscellaneous functions. */ 125127094Sdesint LibAliasCheckNewLink(struct libalias *); 126124621Sphkunsigned short 127127094Sdes LibAliasInternetChecksum(struct libalias *, unsigned short *_ptr, int _nbytes); 128127094Sdesvoid LibAliasSetTarget(struct libalias *, struct in_addr _target_addr); 129124621Sphk 130124621Sphk/* Transparent proxying routines. */ 131127094Sdesint LibAliasProxyRule(struct libalias *, const char *_cmd); 132124621Sphk 133162674Spiso/* Module handling API */ 134162674Spisoint LibAliasLoadModule(char *); 135162674Spisoint LibAliasUnLoadAllModule(void); 136162674Spisoint LibAliasRefreshModules(void); 137124621Sphk 138164797Spiso/* Mbuf helper function. */ 139164797Spisostruct mbuf *m_megapullup(struct mbuf *, int); 140164797Spiso 141124621Sphk/* 142124621Sphk * Mode flags and other constants. 143124621Sphk */ 144124621Sphk 145124621Sphk 14674778Sbrian/* Mode flags, set using PacketAliasSetMode() */ 14763899Sarchie 14874778Sbrian/* 14974778Sbrian * If PKT_ALIAS_LOG is set, a message will be printed to /var/log/alias.log 15074778Sbrian * every time a link is created or deleted. This is useful for debugging. 15174778Sbrian */ 15274778Sbrian#define PKT_ALIAS_LOG 0x01 15327864Sbrian 15474778Sbrian/* 15574778Sbrian * If PKT_ALIAS_DENY_INCOMING is set, then incoming connections (e.g. to ftp, 15674778Sbrian * telnet or web servers will be prevented by the aliasing mechanism. 15774778Sbrian */ 15874778Sbrian#define PKT_ALIAS_DENY_INCOMING 0x02 15959702Sru 16074778Sbrian/* 16174778Sbrian * If PKT_ALIAS_SAME_PORTS is set, packets will be attempted sent from the 16274778Sbrian * same port as they originated on. This allows e.g. rsh to work *99% of the 16374778Sbrian * time*, but _not_ 100% (it will be slightly flakey instead of not working 16474778Sbrian * at all). This mode bit is set by PacketAliasInit(), so it is a default 16574778Sbrian * mode of operation. 16674778Sbrian */ 16774778Sbrian#define PKT_ALIAS_SAME_PORTS 0x04 16844307Sbrian 16974778Sbrian/* 17074778Sbrian * If PKT_ALIAS_USE_SOCKETS is set, then when partially specified links (e.g. 17174778Sbrian * destination port and/or address is zero), the packet aliasing engine will 17274778Sbrian * attempt to allocate a socket for the aliasing port it chooses. This will 17374778Sbrian * avoid interference with the host machine. Fully specified links do not 17474778Sbrian * require this. This bit is set after a call to PacketAliasInit(), so it is 17574778Sbrian * a default mode of operation. 17674778Sbrian */ 177145926Sglebius#ifndef NO_USE_SOCKETS 17874778Sbrian#define PKT_ALIAS_USE_SOCKETS 0x08 179145926Sglebius#endif 18074778Sbrian/*- 18174778Sbrian * If PKT_ALIAS_UNREGISTERED_ONLY is set, then only packets with 18274778Sbrian * unregistered source addresses will be aliased. Private 18374778Sbrian * addresses are those in the following ranges: 18474778Sbrian * 18574778Sbrian * 10.0.0.0 -> 10.255.255.255 18674778Sbrian * 172.16.0.0 -> 172.31.255.255 18774778Sbrian * 192.168.0.0 -> 192.168.255.255 18874778Sbrian */ 18974778Sbrian#define PKT_ALIAS_UNREGISTERED_ONLY 0x10 19027864Sbrian 19174778Sbrian/* 19274778Sbrian * If PKT_ALIAS_RESET_ON_ADDR_CHANGE is set, then the table of dynamic 19374778Sbrian * aliasing links will be reset whenever PacketAliasSetAddress() changes the 19474778Sbrian * default aliasing address. If the default aliasing address is left 19574778Sbrian * unchanged by this function call, then the table of dynamic aliasing links 19674778Sbrian * will be left intact. This bit is set after a call to PacketAliasInit(). 19774778Sbrian */ 19874778Sbrian#define PKT_ALIAS_RESET_ON_ADDR_CHANGE 0x20 19927864Sbrian 20074778Sbrian/* 20174778Sbrian * If PKT_ALIAS_PROXY_ONLY is set, then NAT will be disabled and only 20274778Sbrian * transparent proxying is performed. 20374778Sbrian */ 20474778Sbrian#define PKT_ALIAS_PROXY_ONLY 0x40 20544307Sbrian 20674778Sbrian/* 20774778Sbrian * If PKT_ALIAS_REVERSE is set, the actions of PacketAliasIn() and 20874778Sbrian * PacketAliasOut() are reversed. 20974778Sbrian */ 21074778Sbrian#define PKT_ALIAS_REVERSE 0x80 21144307Sbrian 212223077Sae#ifndef NO_FW_PUNCH 213223077Sae/* 214223077Sae * If PKT_ALIAS_PUNCH_FW is set, active FTP and IRC DCC connections will 215223077Sae * create a 'hole' in the firewall to allow the transfers to work. The 216223077Sae * ipfw rule number that the hole is created with is controlled by 217223077Sae * PacketAliasSetFWBase(). The hole will be attached to that 218223077Sae * particular alias_link, so when the link goes away the hole is deleted. 219223077Sae */ 220223077Sae#define PKT_ALIAS_PUNCH_FW 0x100 221223077Sae#endif 222223077Sae 223223080Sae/* 224223080Sae * If PKT_ALIAS_SKIP_GLOBAL is set, nat instance is not checked for matching 225223080Sae * states in 'ipfw nat global' rule. 226223080Sae */ 227223080Sae#define PKT_ALIAS_SKIP_GLOBAL 0x200 228223080Sae 22974778Sbrian/* Function return codes. */ 23074778Sbrian#define PKT_ALIAS_ERROR -1 23174778Sbrian#define PKT_ALIAS_OK 1 23274778Sbrian#define PKT_ALIAS_IGNORED 2 23374778Sbrian#define PKT_ALIAS_UNRESOLVED_FRAGMENT 3 23474778Sbrian#define PKT_ALIAS_FOUND_HEADER_FRAGMENT 4 23526026Sbrian 236127094Sdes#endif /* !_ALIAS_H_ */ 23774778Sbrian 23874778Sbrian/* lint -restore */ 239