alias.h revision 99207 
128328Ssos/* lint -save -library Flexelint comment for external headers */
2229784Suqs
328328Ssos/*-
428328Ssos * Copyright (c) 2001 Charles Mott <cm@linktel.net>
528328Ssos * All rights reserved.
628328Ssos *
728328Ssos * Redistribution and use in source and binary forms, with or without
828328Ssos * modification, are permitted provided that the following conditions
928328Ssos * are met:
1028328Ssos * 1. Redistributions of source code must retain the above copyright
1128328Ssos *    notice, this list of conditions and the following disclaimer.
1228328Ssos * 2. Redistributions in binary form must reproduce the above copyright
1328328Ssos *    notice, this list of conditions and the following disclaimer in the
1428328Ssos *    documentation and/or other materials provided with the distribution.
1597748Sschweikh *
1628328Ssos * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
1728328Ssos * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
1828328Ssos * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
1928328Ssos * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
2028328Ssos * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
2128328Ssos * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
2228328Ssos * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
2328328Ssos * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
2428328Ssos * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
2528328Ssos * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
2628328Ssos * SUCH DAMAGE.
2728328Ssos *
2850476Speter * $FreeBSD: head/sys/netinet/libalias/alias.h 99207 2002-07-01 11:19:40Z brian $
2928328Ssos */
3028328Ssos
3171519Ssobomax/*-
3271519Ssobomax * Alias.h defines the outside world interfaces for the packet aliasing
3371519Ssobomax * software.
3428328Ssos *
3528328Ssos * This software is placed into the public domain with no restrictions on its
3628328Ssos * distribution.
3728328Ssos */
3828328Ssos
3928328Ssos#ifndef _ALIAS_H_
4028328Ssos#define	_ALIAS_H_
4128328Ssos
4228328Ssos/* The external interface to libalias, the packet aliasing engine. */
4353013Syokota
4453013Syokota/* Initialization and control functions. */
4528328Ssosvoid	 PacketAliasInit(void);
4670991Snsouchvoid	 PacketAliasSetAddress(struct in_addr _addr);
4728328Ssosvoid	 PacketAliasSetFWBase(unsigned int _base, unsigned int _num);
4828328Ssosunsigned int
4953013Syokota	 PacketAliasSetMode(unsigned int _flags, unsigned int _mask);
5053052Syokotavoid	 PacketAliasUninit(void);
5153013Syokota
5228328Ssos/* Packet Handling functions. */
5328328Ssosint	 PacketAliasIn(char *_ptr, int _maxpacketsize);
5428328Ssosint	 PacketAliasOut(char *_ptr, int _maxpacketsize);
5528328Ssosint	 PacketUnaliasOut(char *_ptr, int _maxpacketsize);
5628328Ssos
5728328Ssos/* Port and address redirection functions. */
5828328Ssos
5953013Syokota/*
6053013Syokota * An anonymous structure, a pointer to which is returned from
6170991Snsouch * PacketAliasRedirectAddr(), PacketAliasRedirectPort() or
6270991Snsouch * PacketAliasRedirectProto(), passed to PacketAliasAddServer(),
6370991Snsouch * and freed by PacketAliasRedirectDelete().
6470991Snsouch */
6570991Snsouchstruct	alias_link;
6670991Snsouch
6728328Ssosint	 PacketAliasAddServer(struct alias_link *_link,
6828328Ssos	    struct in_addr _addr, unsigned short _port);
6928328Ssosstruct alias_link *
7028328Ssos	 PacketAliasRedirectAddr(struct in_addr _src_addr,
7128328Ssos	    struct in_addr _alias_addr);
7228328Ssosvoid	 PacketAliasRedirectDelete(struct alias_link *_link);
7328328Ssosstruct alias_link *
7428328Ssos	 PacketAliasRedirectPort(struct in_addr _src_addr,
7528328Ssos	    unsigned short _src_port, struct in_addr _dst_addr,
7628328Ssos	    unsigned short _dst_port, struct in_addr _alias_addr,
7728328Ssos	    unsigned short _alias_port, unsigned char _proto);
7828328Ssosstruct alias_link *
7928328Ssos	 PacketAliasRedirectProto(struct in_addr _src_addr,
8028328Ssos	    struct in_addr _dst_addr, struct in_addr _alias_addr,
8128328Ssos	    unsigned char _proto);
8228328Ssos
8328328Ssos/* Fragment Handling functions. */
8428328Ssosvoid	 PacketAliasFragmentIn(char *_ptr, char *_ptr_fragment);
8528328Ssoschar	*PacketAliasGetFragment(char *_ptr);
8628328Ssosint	 PacketAliasSaveFragment(char *_ptr);
8728328Ssos
8828328Ssos/* Miscellaneous functions. */
8928328Ssosint	 PacketAliasCheckNewLink(void);
9028328Ssosunsigned short
9128328Ssos	 PacketAliasInternetChecksum(unsigned short *_ptr, int _nbytes);
9228328Ssosvoid	 PacketAliasSetTarget(struct in_addr _target_addr);
9328328Ssos
9430044Ssos/* Transparent proxying routines. */
9530044Ssosint	 PacketAliasProxyRule(const char *_cmd);
9630044Ssos
9728328Ssos/* Mode flags, set using PacketAliasSetMode() */
9853013Syokota
9953013Syokota/*
10053013Syokota * If PKT_ALIAS_LOG is set, a message will be printed to /var/log/alias.log
10153013Syokota * every time a link is created or deleted.  This is useful for debugging.
10228328Ssos */
10328328Ssos#define	PKT_ALIAS_LOG			0x01
10428328Ssos
10528328Ssos/*
10628328Ssos * If PKT_ALIAS_DENY_INCOMING is set, then incoming connections (e.g. to ftp,
10728328Ssos * telnet or web servers will be prevented by the aliasing mechanism.
10828328Ssos */
10953013Syokota#define	PKT_ALIAS_DENY_INCOMING		0x02
11053013Syokota
11153013Syokota/*
11230044Ssos * If PKT_ALIAS_SAME_PORTS is set, packets will be attempted sent from the
11330044Ssos * same port as they originated on.  This allows e.g. rsh to work *99% of the
11430044Ssos * time*, but _not_ 100% (it will be slightly flakey instead of not working
11530044Ssos * at all).  This mode bit is set by PacketAliasInit(), so it is a default
11628328Ssos * mode of operation.
11728328Ssos */
11828328Ssos#define	PKT_ALIAS_SAME_PORTS		0x04
11928328Ssos
12053013Syokota/*
12153013Syokota * If PKT_ALIAS_USE_SOCKETS is set, then when partially specified links (e.g.
12253013Syokota * destination port and/or address is zero), the packet aliasing engine will
12328328Ssos * attempt to allocate a socket for the aliasing port it chooses.  This will
12428328Ssos * avoid interference with the host machine.  Fully specified links do not
12528328Ssos * require this.  This bit is set after a call to PacketAliasInit(), so it is
12628328Ssos * a default mode of operation.
12728328Ssos */
12828328Ssos#define	PKT_ALIAS_USE_SOCKETS		0x08
12928328Ssos
13028328Ssos/*-
13128328Ssos * If PKT_ALIAS_UNREGISTERED_ONLY is set, then only packets with
13228328Ssos * unregistered source addresses will be aliased.  Private
13328328Ssos * addresses are those in the following ranges:
13428328Ssos *
13570991Snsouch *		10.0.0.0     ->   10.255.255.255
13670991Snsouch *		172.16.0.0   ->   172.31.255.255
13770991Snsouch *		192.168.0.0  ->   192.168.255.255
13870991Snsouch */
13970991Snsouch#define	PKT_ALIAS_UNREGISTERED_ONLY	0x10
14070991Snsouch
14170991Snsouch/*
14270991Snsouch * If PKT_ALIAS_RESET_ON_ADDR_CHANGE is set, then the table of dynamic
14328328Ssos * aliasing links will be reset whenever PacketAliasSetAddress() changes the
14428328Ssos * default aliasing address.  If the default aliasing address is left
14528328Ssos * unchanged by this function call, then the table of dynamic aliasing links
14628328Ssos * will be left intact.  This bit is set after a call to PacketAliasInit().
14728328Ssos */
14828328Ssos#define	PKT_ALIAS_RESET_ON_ADDR_CHANGE	0x20
14928328Ssos
15028328Ssos#ifndef NO_FW_PUNCH
15128328Ssos/*
15228328Ssos * If PKT_ALIAS_PUNCH_FW is set, active FTP and IRC DCC connections will
15371519Ssobomax * create a 'hole' in the firewall to allow the transfers to work.  The
15471519Ssobomax * ipfw rule number that the hole is created with is controlled by
155 * PacketAliasSetFWBase().  The hole will be attached to that
156 * particular alias_link, so when the link goes away the hole is deleted.
157 */
158#define	PKT_ALIAS_PUNCH_FW		0x100
159#endif
160
161/*
162 * If PKT_ALIAS_PROXY_ONLY is set, then NAT will be disabled and only
163 * transparent proxying is performed.
164 */
165#define	PKT_ALIAS_PROXY_ONLY		0x40
166
167/*
168 * If PKT_ALIAS_REVERSE is set, the actions of PacketAliasIn() and
169 * PacketAliasOut() are reversed.
170 */
171#define	PKT_ALIAS_REVERSE		0x80
172
173/* Function return codes. */
174#define	PKT_ALIAS_ERROR			-1
175#define	PKT_ALIAS_OK			1
176#define	PKT_ALIAS_IGNORED		2
177#define	PKT_ALIAS_UNRESOLVED_FRAGMENT	3
178#define	PKT_ALIAS_FOUND_HEADER_FRAGMENT	4
179
180#endif /* !_ALIAS_H_ */
181
182/* lint -restore */
183