alias.h revision 77701
156639Speter/* lint -save -library Flexelint comment for external headers */ 250276Speter 350276Speter/*- 450276Speter * Copyright (c) 2001 Charles Mott <cmott@scientech.com> 550276Speter * All rights reserved. 650276Speter * 750276Speter * Redistribution and use in source and binary forms, with or without 850276Speter * modification, are permitted provided that the following conditions 950276Speter * are met: 1050276Speter * 1. Redistributions of source code must retain the above copyright 1150276Speter * notice, this list of conditions and the following disclaimer. 1250276Speter * 2. Redistributions in binary form must reproduce the above copyright 1350276Speter * notice, this list of conditions and the following disclaimer in the 1450276Speter * documentation and/or other materials provided with the distribution. 1550276Speter * 1650276Speter * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 1750276Speter * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 1850276Speter * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 1950276Speter * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 2050276Speter * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 2150276Speter * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 2250276Speter * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 2350276Speter * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 2450276Speter * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 2550276Speter * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 2650276Speter * SUCH DAMAGE. 2750276Speter * 2850276Speter * $FreeBSD: head/sys/netinet/libalias/alias.h 77701 2001-06-04 15:09:51Z brian $ 2950276Speter */ 3050276Speter 3150276Speter/*- 3250276Speter * Alias.h defines the outside world interfaces for the packet aliasing 3350276Speter * software. 3450276Speter * 3550276Speter * This software is placed into the public domain with no restrictions on its 3650276Speter * distribution. 3750276Speter */ 3850276Speter 3950276Speter#ifndef _ALIAS_H_ 4050276Speter#define _ALIAS_H_ 4150276Speter 4250276Speter/* The external interface to libalias, the packet aliasing engine. */ 4350276Speter 4450276Speter/* Initialization and control functions. */ 4550276Spetervoid PacketAliasInit(void); 4650276Spetervoid PacketAliasSetAddress(struct in_addr _addr); 4750276Spetervoid PacketAliasSetFWBase(unsigned int _base, unsigned int _num); 4856639Speterunsigned int 4950276Speter PacketAliasSetMode(unsigned int _flags, unsigned int _mask); 5050276Spetervoid PacketAliasUninit(void); 5150276Speter 5250276Speter/* Packet Handling functions. */ 5350276Speterint PacketAliasIn(char *_ptr, int _maxpacketsize); 5450276Speterint PacketAliasOut(char *_ptr, int _maxpacketsize); 5550276Speterint PacketUnaliasOut(char *_ptr, int _maxpacketsize); 5650276Speter 5750276Speter/* Port and address redirection functions. */ 5850276Speter 5950276Speter/* 6050276Speter * An anonymous structure, a pointer to which is returned from 6150276Speter * PacketAliasRedirectAddr(), PacketAliasRedirectPort() or 6250276Speter * PacketAliasRedirectProto(), passed to PacketAliasAddServer(), 6350276Speter * and freed by PacketAliasRedirectDelete(). 6450276Speter */ 6550276Speterstruct alias_link; 6650276Speter 6750276Speterint PacketAliasAddServer(struct alias_link *_link, 6850276Speter struct in_addr _addr, unsigned short _port); 6950276Speterstruct alias_link * 7050276Speter PacketAliasRedirectAddr(struct in_addr _src_addr, 7150276Speter struct in_addr _alias_addr); 7250276Spetervoid PacketAliasRedirectDelete(struct alias_link *_link); 7350276Speterstruct alias_link * 7450276Speter PacketAliasRedirectPort(struct in_addr _src_addr, 7550276Speter unsigned short _src_port, struct in_addr _dst_addr, 7650276Speter unsigned short _dst_port, struct in_addr _alias_addr, 7750276Speter unsigned short _alias_port, unsigned char _proto); 7850276Speterstruct alias_link * 7950276Speter PacketAliasRedirectProto(struct in_addr _src_addr, 8050276Speter struct in_addr _dst_addr, struct in_addr _alias_addr, 8150276Speter unsigned char _proto); 8250276Speter 8350276Speter/* Fragment Handling functions. */ 8450276Spetervoid PacketAliasFragmentIn(char *_ptr, char *_ptr_fragment); 8550276Speterchar *PacketAliasGetFragment(char *_ptr); 8650276Speterint PacketAliasSaveFragment(char *_ptr); 8750276Speter 8850276Speter/* Miscellaneous functions. */ 8950276Speterint PacketAliasCheckNewLink(void); 9050276Speterunsigned short 9150276Speter PacketAliasInternetChecksum(unsigned short *_ptr, int _nbytes); 9250276Spetervoid PacketAliasSetTarget(struct in_addr _target_addr); 9350276Speter 9450276Speter/* Transparent proxying routines. */ 9550276Speterint PacketAliasProxyRule(const char *_cmd); 9650276Speter 9750276Speter/* Mode flags, set using PacketAliasSetMode() */ 9850276Speter 9950276Speter/* 10050276Speter * If PKT_ALIAS_LOG is set, a message will be printed to /var/log/alias.log 10150276Speter * every time a link is created or deleted. This is useful for debugging. 10250276Speter */ 10350276Speter#define PKT_ALIAS_LOG 0x01 10450276Speter 10550276Speter/* 10650276Speter * If PKT_ALIAS_DENY_INCOMING is set, then incoming connections (e.g. to ftp, 10750276Speter * telnet or web servers will be prevented by the aliasing mechanism. 10850276Speter */ 10950276Speter#define PKT_ALIAS_DENY_INCOMING 0x02 11050276Speter 11150276Speter/* 11250276Speter * If PKT_ALIAS_SAME_PORTS is set, packets will be attempted sent from the 11350276Speter * same port as they originated on. This allows e.g. rsh to work *99% of the 114 * time*, but _not_ 100% (it will be slightly flakey instead of not working 115 * at all). This mode bit is set by PacketAliasInit(), so it is a default 116 * mode of operation. 117 */ 118#define PKT_ALIAS_SAME_PORTS 0x04 119 120/* 121 * If PKT_ALIAS_USE_SOCKETS is set, then when partially specified links (e.g. 122 * destination port and/or address is zero), the packet aliasing engine will 123 * attempt to allocate a socket for the aliasing port it chooses. This will 124 * avoid interference with the host machine. Fully specified links do not 125 * require this. This bit is set after a call to PacketAliasInit(), so it is 126 * a default mode of operation. 127 */ 128#define PKT_ALIAS_USE_SOCKETS 0x08 129 130/*- 131 * If PKT_ALIAS_UNREGISTERED_ONLY is set, then only packets with 132 * unregistered source addresses will be aliased. Private 133 * addresses are those in the following ranges: 134 * 135 * 10.0.0.0 -> 10.255.255.255 136 * 172.16.0.0 -> 172.31.255.255 137 * 192.168.0.0 -> 192.168.255.255 138 */ 139#define PKT_ALIAS_UNREGISTERED_ONLY 0x10 140 141/* 142 * If PKT_ALIAS_RESET_ON_ADDR_CHANGE is set, then the table of dynamic 143 * aliasing links will be reset whenever PacketAliasSetAddress() changes the 144 * default aliasing address. If the default aliasing address is left 145 * unchanged by this function call, then the table of dynamic aliasing links 146 * will be left intact. This bit is set after a call to PacketAliasInit(). 147 */ 148#define PKT_ALIAS_RESET_ON_ADDR_CHANGE 0x20 149 150#ifndef NO_FW_PUNCH 151/* 152 * If PKT_ALIAS_PUNCH_FW is set, active FTP and IRC DCC connections will 153 * create a 'hole' in the firewall to allow the transfers to work. The 154 * ipfw rule number that the hole is created with is controlled by 155 * PacketAliasSetFWBase(). The hole will be attached to that 156 * particular alias_link, so when the link goes away the hole is deleted. 157 */ 158#define PKT_ALIAS_PUNCH_FW 0x100 159#endif 160 161/* 162 * If PKT_ALIAS_PROXY_ONLY is set, then NAT will be disabled and only 163 * transparent proxying is performed. 164 */ 165#define PKT_ALIAS_PROXY_ONLY 0x40 166 167/* 168 * If PKT_ALIAS_REVERSE is set, the actions of PacketAliasIn() and 169 * PacketAliasOut() are reversed. 170 */ 171#define PKT_ALIAS_REVERSE 0x80 172 173/* Function return codes. */ 174#define PKT_ALIAS_ERROR -1 175#define PKT_ALIAS_OK 1 176#define PKT_ALIAS_IGNORED 2 177#define PKT_ALIAS_UNRESOLVED_FRAGMENT 3 178#define PKT_ALIAS_FOUND_HEADER_FRAGMENT 4 179 180#endif /* !_ALIAS_H_ */ 181 182/* lint -restore */ 183