1145522Sdarrenr/* $FreeBSD: stable/11/sys/contrib/ipfilter/netinet/ip_proxy.h 369245 2021-02-09 13:47:46Z git2svn $ */ 2145522Sdarrenr 353642Sguido/* 4255332Scy * Copyright (C) 2012 by Darren Reed. 553642Sguido * 680482Sdarrenr * See the IPFILTER.LICENCE file for details on licencing. 753642Sguido * 857126Sguido * $FreeBSD: stable/11/sys/contrib/ipfilter/netinet/ip_proxy.h 369245 2021-02-09 13:47:46Z git2svn $ 9145522Sdarrenr * Id: ip_proxy.h,v 2.31.2.2 2005/03/12 19:33:48 darrenr Exp 1053642Sguido */ 1153642Sguido 1253642Sguido#ifndef __IP_PROXY_H__ 1353642Sguido#define __IP_PROXY_H__ 1453642Sguido 15305138Sdim#ifndef SOLARIS 16366282Scy# if defined(sun) && defined(__SVR4) 17305138Sdim# define SOLARIS 1 18305138Sdim# else 19305138Sdim# define SOLARIS 0 20305138Sdim# endif 2153642Sguido#endif 2253642Sguido 23145579Sdarrenr#define SIOCPROXY _IOWR('r', 64, struct ap_control) 24145579Sdarrenr 2553642Sguido#ifndef APR_LABELLEN 2653642Sguido#define APR_LABELLEN 16 2753642Sguido#endif 2853642Sguido#define AP_SESS_SIZE 53 2953642Sguido 3053642Sguidostruct nat; 3153642Sguidostruct ipnat; 32145579Sdarrenrstruct ipstate; 3353642Sguido 3453642Sguidotypedef struct ap_tcp { 3553642Sguido u_short apt_sport; /* source port */ 3653642Sguido u_short apt_dport; /* destination port */ 3753642Sguido short apt_sel[2]; /* {seq,ack}{off,min} set selector */ 3853642Sguido short apt_seqoff[2]; /* sequence # difference */ 39145579Sdarrenr u_32_t apt_seqmin[2]; /* don't change seq-off until after this */ 4053642Sguido short apt_ackoff[2]; /* sequence # difference */ 41145579Sdarrenr u_32_t apt_ackmin[2]; /* don't change seq-off until after this */ 4253642Sguido u_char apt_state[2]; /* connection state */ 4353642Sguido} ap_tcp_t; 4453642Sguido 4553642Sguidotypedef struct ap_udp { 4653642Sguido u_short apu_sport; /* source port */ 4753642Sguido u_short apu_dport; /* destination port */ 4853642Sguido} ap_udp_t; 4953642Sguido 5053642Sguidotypedef struct ap_session { 5153642Sguido struct aproxy *aps_apr; 5253642Sguido union { 5353642Sguido struct ap_tcp apu_tcp; 5453642Sguido struct ap_udp apu_udp; 5553642Sguido } aps_un; 5653642Sguido U_QUAD_T aps_bytes; /* bytes sent */ 5753642Sguido U_QUAD_T aps_pkts; /* packets sent */ 5853642Sguido void *aps_nat; /* pointer back to nat struct */ 5953642Sguido void *aps_data; /* private data */ 6053642Sguido int aps_psiz; /* size of private data */ 6153642Sguido struct ap_session *aps_next; 6260855Sdarrenr} ap_session_t; 6353642Sguido 6453642Sguido#define aps_sport aps_un.apu_tcp.apt_sport 6553642Sguido#define aps_dport aps_un.apu_tcp.apt_dport 6653642Sguido#define aps_sel aps_un.apu_tcp.apt_sel 6753642Sguido#define aps_seqoff aps_un.apu_tcp.apt_seqoff 6853642Sguido#define aps_seqmin aps_un.apu_tcp.apt_seqmin 6953642Sguido#define aps_state aps_un.apu_tcp.apt_state 7053642Sguido#define aps_ackoff aps_un.apu_tcp.apt_ackoff 7153642Sguido#define aps_ackmin aps_un.apu_tcp.apt_ackmin 7253642Sguido 7353642Sguido 74145522Sdarrenrtypedef struct ap_control { 75145522Sdarrenr char apc_label[APR_LABELLEN]; 76255332Scy char apc_config[APR_LABELLEN]; 77145522Sdarrenr u_char apc_p; 78145522Sdarrenr /* 79145522Sdarrenr * The following fields are upto the proxy's apr_ctl routine to deal 80145522Sdarrenr * with. When the proxy gets this in kernel space, apc_data will 81145522Sdarrenr * point to a malloc'd region of memory of apc_dsize bytes. If the 82145522Sdarrenr * proxy wants to keep that memory, it must set apc_data to NULL 83145522Sdarrenr * before it returns. It is expected if this happens that it will 84145522Sdarrenr * take care to free it in apr_fini or otherwise as appropriate. 85145522Sdarrenr * apc_cmd is provided as a standard place to put simple commands, 86145522Sdarrenr * with apc_arg being available to put a simple arg. 87145522Sdarrenr */ 88145522Sdarrenr u_long apc_cmd; 89145522Sdarrenr u_long apc_arg; 90145522Sdarrenr void *apc_data; 91145522Sdarrenr size_t apc_dsize; 92145522Sdarrenr} ap_ctl_t; 93145522Sdarrenr 94255332Scy#define APC_CMD_ADD 0 95255332Scy#define APC_CMD_DEL 1 96145522Sdarrenr 97255332Scy 9853642Sguidotypedef struct aproxy { 9960855Sdarrenr struct aproxy *apr_next; 100255332Scy struct aproxy *apr_parent; 10153642Sguido char apr_label[APR_LABELLEN]; /* Proxy label # */ 102255332Scy u_char apr_p; /* protocol */ 10353642Sguido int apr_flags; 104255332Scy int apr_ref; 105255332Scy int apr_clones; 106369245Sgit2svn void (* apr_load)(void); 107369245Sgit2svn void (* apr_unload)(void); 108369245Sgit2svn void *(* apr_create)(ipf_main_softc_t *); 109369245Sgit2svn void (* apr_destroy)(ipf_main_softc_t *, void *); 110369245Sgit2svn int (* apr_init)(ipf_main_softc_t *, void *); 111369245Sgit2svn void (* apr_fini)(ipf_main_softc_t *, void *); 112369245Sgit2svn int (* apr_new)(void *, fr_info_t *, ap_session_t *, 113369245Sgit2svn struct nat *); 114369245Sgit2svn void (* apr_del)(ipf_main_softc_t *, ap_session_t *); 115369245Sgit2svn int (* apr_inpkt)(void *, fr_info_t *, ap_session_t *, 116369245Sgit2svn struct nat *); 117369245Sgit2svn int (* apr_outpkt)(void *, fr_info_t *, ap_session_t *, 118369245Sgit2svn struct nat *); 119369245Sgit2svn int (* apr_match)(fr_info_t *, ap_session_t *, struct nat *); 120369245Sgit2svn int (* apr_ctl)(ipf_main_softc_t *, void *, ap_ctl_t *); 121369245Sgit2svn int (* apr_clear)(struct aproxy *); 122369245Sgit2svn int (* apr_flush)(struct aproxy *, int); 123255332Scy void *apr_soft; 12453642Sguido} aproxy_t; 12553642Sguido 12653642Sguido#define APR_DELETE 1 12753642Sguido 128145522Sdarrenr#define APR_ERR(x) ((x) << 16) 12960855Sdarrenr#define APR_EXIT(x) (((x) >> 16) & 0xffff) 13060855Sdarrenr#define APR_INC(x) ((x) & 0xffff) 13153642Sguido 132255332Scy 133255332Scy#ifdef _KERNEL 13453642Sguido/* 135145522Sdarrenr * Generic #define's to cover missing things in the kernel 13660855Sdarrenr */ 137255332Scy# ifndef isdigit 138255332Scy# define isdigit(x) ((x) >= '0' && (x) <= '9') 139255332Scy# endif 140255332Scy# ifndef isupper 141255332Scy# define isupper(x) (((unsigned)(x) >= 'A') && ((unsigned)(x) <= 'Z')) 142255332Scy# endif 143255332Scy# ifndef islower 144255332Scy# define islower(x) (((unsigned)(x) >= 'a') && ((unsigned)(x) <= 'z')) 145255332Scy# endif 146255332Scy# ifndef isalpha 147255332Scy# define isalpha(x) (isupper(x) || islower(x)) 148255332Scy# endif 149255332Scy# ifndef toupper 150255332Scy# define toupper(x) (isupper(x) ? (x) : (x) - 'a' + 'A') 151255332Scy# endif 152255332Scy# ifndef isspace 153255332Scy# define isspace(x) (((x) == ' ') || ((x) == '\r') || ((x) == '\n') || \ 154145522Sdarrenr ((x) == '\t') || ((x) == '\b')) 155255332Scy# endif 156255332Scy#endif /* _KERNEL */ 157145522Sdarrenr 158145522Sdarrenr/* 159255332Scy * For the ftp proxy. 160145522Sdarrenr */ 161255332Scy#define FTP_BUFSZ 160 162255332Scy#define IPF_FTPBUFSZ 160 163145522Sdarrenr 16460855Sdarrenrtypedef struct ftpside { 16560855Sdarrenr char *ftps_rptr; 16660855Sdarrenr char *ftps_wptr; 167145522Sdarrenr void *ftps_ifp; 168102520Sdarrenr u_32_t ftps_seq[2]; 16972006Sdarrenr u_32_t ftps_len; 170255332Scy int ftps_junk; 17192685Sdarrenr int ftps_cmds; 172255332Scy int ftps_cmd; 17360855Sdarrenr char ftps_buf[FTP_BUFSZ]; 17460855Sdarrenr} ftpside_t; 17560855Sdarrenr 17660855Sdarrenrtypedef struct ftpinfo { 17780482Sdarrenr int ftp_passok; 17880482Sdarrenr int ftp_incok; 179255332Scy void *ftp_pendstate; 180255332Scy nat_t *ftp_pendnat; 18160855Sdarrenr ftpside_t ftp_side[2]; 18260855Sdarrenr} ftpinfo_t; 18360855Sdarrenr 184145522Sdarrenr 18560855Sdarrenr/* 186255332Scy * IPsec proxy 187255332Scy */ 188255332Scytypedef u_32_t ipsec_cookie_t[2]; 189255332Scy 190255332Scytypedef struct ipsec_pxy { 191255332Scy ipsec_cookie_t ipsc_icookie; 192255332Scy ipsec_cookie_t ipsc_rcookie; 193255332Scy int ipsc_rckset; 194255332Scy nat_t *ipsc_nat; 195255332Scy struct ipstate *ipsc_state; 196255332Scy ipnat_t *ipsc_rule; 197255332Scy} ipsec_pxy_t; 198255332Scy 199255332Scy 200255332Scy/* 201145522Sdarrenr * For the irc proxy. 202145522Sdarrenr */ 203145522Sdarrenrtypedef struct ircinfo { 204145522Sdarrenr size_t irc_len; 205145522Sdarrenr char *irc_snick; 206145522Sdarrenr char *irc_dnick; 207145522Sdarrenr char *irc_type; 208145522Sdarrenr char *irc_arg; 209145522Sdarrenr char *irc_addr; 210145522Sdarrenr u_32_t irc_ipnum; 211145522Sdarrenr u_short irc_port; 212145522Sdarrenr} ircinfo_t; 213145522Sdarrenr 214145522Sdarrenr 215145522Sdarrenr/* 216255332Scy * For the DNS "proxy" 217255332Scy */ 218255332Scytypedef struct dnsinfo { 219255332Scy ipfmutex_t dnsi_lock; 220255332Scy u_short dnsi_id; 221255332Scy char dnsi_buffer[512]; 222255332Scy} dnsinfo_t; 223255332Scy 224255332Scy 225255332Scy/* 22653642Sguido * Real audio proxy structure and #defines 22753642Sguido */ 22892685Sdarrenrtypedef struct raudio_s { 22953642Sguido int rap_seenpna; 23053642Sguido int rap_seenver; 23153642Sguido int rap_version; 23253642Sguido int rap_eos; /* End Of Startup */ 23353642Sguido int rap_gotid; 23453642Sguido int rap_gotlen; 23553642Sguido int rap_mode; 23653642Sguido int rap_sdone; 23753642Sguido u_short rap_plport; 23853642Sguido u_short rap_prport; 23953642Sguido u_short rap_srport; 24053642Sguido char rap_svr[19]; 24153642Sguido u_32_t rap_sbf; /* flag to indicate which of the 19 bytes have 24253642Sguido * been filled 24353642Sguido */ 244145579Sdarrenr u_32_t rap_sseq; 24553642Sguido} raudio_t; 24653642Sguido 24753642Sguido#define RA_ID_END 0 24853642Sguido#define RA_ID_UDP 1 24953642Sguido#define RA_ID_ROBUST 7 25053642Sguido 25153642Sguido#define RAP_M_UDP 1 25253642Sguido#define RAP_M_ROBUST 2 25353642Sguido#define RAP_M_TCP 4 25453642Sguido#define RAP_M_UDP_ROBUST (RAP_M_UDP|RAP_M_ROBUST) 25553642Sguido 256145522Sdarrenr 25792685Sdarrenr/* 258145522Sdarrenr * MSN RPC proxy 259145522Sdarrenr */ 260145522Sdarrenrtypedef struct msnrpcinfo { 261145522Sdarrenr u_int mri_flags; 262145522Sdarrenr int mri_cmd[2]; 263145522Sdarrenr u_int mri_valid; 264145522Sdarrenr struct in_addr mri_raddr; 265145522Sdarrenr u_short mri_rport; 266145522Sdarrenr} msnrpcinfo_t; 267145522Sdarrenr 268145522Sdarrenr 269145522Sdarrenr/* 270145522Sdarrenr * Sun RPCBIND proxy 271145522Sdarrenr */ 272145522Sdarrenr#define RPCB_MAXMSG 888 273145522Sdarrenr#define RPCB_RES_PMAP 0 /* Response contains a v2 port. */ 274145522Sdarrenr#define RPCB_RES_STRING 1 /* " " " v3 (GETADDR) string. */ 275145522Sdarrenr#define RPCB_RES_LIST 2 /* " " " v4 (GETADDRLIST) list. */ 276145522Sdarrenr#define RPCB_MAXREQS 32 /* Arbitrary limit on tracked transactions */ 277145522Sdarrenr 278145522Sdarrenr#define RPCB_REQMIN 40 279145522Sdarrenr#define RPCB_REQMAX 888 280145522Sdarrenr#define RPCB_REPMIN 20 281145522Sdarrenr#define RPCB_REPMAX 604 /* XXX double check this! */ 282145522Sdarrenr 283145522Sdarrenr/* 284145522Sdarrenr * These macros determine the number of bytes between p and the end of 285145522Sdarrenr * r->rs_buf relative to l. 286145522Sdarrenr */ 287145522Sdarrenr#define RPCB_BUF_END(r) (char *)((r)->rm_msgbuf + (r)->rm_buflen) 288145522Sdarrenr#define RPCB_BUF_GEQ(r, p, l) \ 289145522Sdarrenr ((RPCB_BUF_END((r)) > (char *)(p)) && \ 290145522Sdarrenr ((RPCB_BUF_END((r)) - (char *)(p)) >= (l))) 291145522Sdarrenr#define RPCB_BUF_EQ(r, p, l) \ 292145522Sdarrenr (RPCB_BUF_END((r)) == ((char *)(p) + (l))) 293145522Sdarrenr 294145522Sdarrenr/* 295145522Sdarrenr * The following correspond to RPC(B) detailed in RFC183[13]. 296145522Sdarrenr */ 297145522Sdarrenr#define RPCB_CALL 0 298145522Sdarrenr#define RPCB_REPLY 1 299145522Sdarrenr#define RPCB_MSG_VERSION 2 300145522Sdarrenr#define RPCB_PROG 100000 301145522Sdarrenr#define RPCB_GETPORT 3 302145522Sdarrenr#define RPCB_GETADDR 3 303145522Sdarrenr#define RPCB_GETADDRLIST 11 304145522Sdarrenr#define RPCB_MSG_ACCEPTED 0 305145522Sdarrenr#define RPCB_MSG_DENIED 1 306145522Sdarrenr 307145522Sdarrenr/* BEGIN (Generic XDR structures) */ 308145522Sdarrenrtypedef struct xdr_string { 309145522Sdarrenr u_32_t *xs_len; 310145522Sdarrenr char *xs_str; 311145522Sdarrenr} xdr_string_t; 312145522Sdarrenr 313145522Sdarrenrtypedef struct xdr_auth { 314145522Sdarrenr /* u_32_t xa_flavor; */ 315145522Sdarrenr xdr_string_t xa_string; 316145522Sdarrenr} xdr_auth_t; 317145522Sdarrenr 318145522Sdarrenrtypedef struct xdr_uaddr { 319145522Sdarrenr u_32_t xu_ip; 320145522Sdarrenr u_short xu_port; 321145522Sdarrenr xdr_string_t xu_str; 322145522Sdarrenr} xdr_uaddr_t; 323145522Sdarrenr 324145522Sdarrenrtypedef struct xdr_proto { 325145522Sdarrenr u_int xp_proto; 326145522Sdarrenr xdr_string_t xp_str; 327145522Sdarrenr} xdr_proto_t; 328145522Sdarrenr 329145522Sdarrenr#define xu_xslen xu_str.xs_len 330145522Sdarrenr#define xu_xsstr xu_str.xs_str 331145522Sdarrenr#define xp_xslen xp_str.xs_len 332145522Sdarrenr#define xp_xsstr xp_str.xs_str 333145522Sdarrenr/* END (Generic XDR structures) */ 334145522Sdarrenr 335145522Sdarrenr/* BEGIN (RPC call structures) */ 336145522Sdarrenrtypedef struct pmap_args { 337145522Sdarrenr /* u_32_t pa_prog; */ 338145522Sdarrenr /* u_32_t pa_vers; */ 339145522Sdarrenr u_32_t *pa_prot; 340145522Sdarrenr /* u_32_t pa_port; */ 341145522Sdarrenr} pmap_args_t; 342145522Sdarrenr 343145522Sdarrenrtypedef struct rpcb_args { 344145522Sdarrenr /* u_32_t *ra_prog; */ 345145522Sdarrenr /* u_32_t *ra_vers; */ 346145522Sdarrenr xdr_proto_t ra_netid; 347145522Sdarrenr xdr_uaddr_t ra_maddr; 348145522Sdarrenr /* xdr_string_t ra_owner; */ 349145522Sdarrenr} rpcb_args_t; 350145522Sdarrenr 351145522Sdarrenrtypedef struct rpc_call { 352145522Sdarrenr /* u_32_t rc_rpcvers; */ 353145522Sdarrenr /* u_32_t rc_prog; */ 354145522Sdarrenr u_32_t *rc_vers; 355145522Sdarrenr u_32_t *rc_proc; 356145522Sdarrenr xdr_auth_t rc_authcred; 357145522Sdarrenr xdr_auth_t rc_authverf; 358145522Sdarrenr union { 359145522Sdarrenr pmap_args_t ra_pmapargs; 360145522Sdarrenr rpcb_args_t ra_rpcbargs; 361145522Sdarrenr } rpcb_args; 362145522Sdarrenr} rpc_call_t; 363145522Sdarrenr 364145522Sdarrenr#define rc_pmapargs rpcb_args.ra_pmapargs 365145522Sdarrenr#define rc_rpcbargs rpcb_args.ra_rpcbargs 366145522Sdarrenr/* END (RPC call structures) */ 367145522Sdarrenr 368145522Sdarrenr/* BEGIN (RPC reply structures) */ 369145522Sdarrenrtypedef struct rpcb_entry { 370145522Sdarrenr xdr_uaddr_t re_maddr; 371145522Sdarrenr xdr_proto_t re_netid; 372145522Sdarrenr /* u_32_t re_semantics; */ 373145522Sdarrenr xdr_string_t re_family; 374145522Sdarrenr xdr_proto_t re_proto; 375145522Sdarrenr u_32_t *re_more; /* 1 == another entry follows */ 376145522Sdarrenr} rpcb_entry_t; 377145522Sdarrenr 378145522Sdarrenrtypedef struct rpcb_listp { 379145522Sdarrenr u_32_t *rl_list; /* 1 == list follows */ 380145522Sdarrenr int rl_cnt; 381145522Sdarrenr rpcb_entry_t rl_entries[2]; /* TCP / UDP only */ 382145522Sdarrenr} rpcb_listp_t; 383145522Sdarrenr 384145522Sdarrenrtypedef struct rpc_resp { 385145522Sdarrenr /* u_32_t rr_acceptdeny; */ 386145522Sdarrenr /* Omitted 'message denied' fork; we don't care about rejects. */ 387145522Sdarrenr xdr_auth_t rr_authverf; 388145522Sdarrenr /* u_32_t *rr_astat; */ 389145522Sdarrenr union { 390145522Sdarrenr u_32_t *resp_pmap; 391145522Sdarrenr xdr_uaddr_t resp_getaddr; 392145522Sdarrenr rpcb_listp_t resp_getaddrlist; 393145522Sdarrenr } rpcb_reply; 394145522Sdarrenr} rpc_resp_t; 395145522Sdarrenr 396145522Sdarrenr#define rr_v2 rpcb_reply.resp_pmap 397145522Sdarrenr#define rr_v3 rpcb_reply.resp_getaddr 398145522Sdarrenr#define rr_v4 rpcb_reply.resp_getaddrlist 399145522Sdarrenr/* END (RPC reply structures) */ 400145522Sdarrenr 401145522Sdarrenr/* BEGIN (RPC message structure & macros) */ 402145522Sdarrenrtypedef struct rpc_msg { 403145522Sdarrenr char rm_msgbuf[RPCB_MAXMSG]; /* RPCB data buffer */ 404145522Sdarrenr u_int rm_buflen; 405145522Sdarrenr u_32_t *rm_xid; 406145522Sdarrenr /* u_32_t Call vs Reply */ 407145522Sdarrenr union { 408145522Sdarrenr rpc_call_t rb_call; 409145522Sdarrenr rpc_resp_t rb_resp; 410145522Sdarrenr } rm_body; 411145522Sdarrenr} rpc_msg_t; 412145522Sdarrenr 413145522Sdarrenr#define rm_call rm_body.rb_call 414145522Sdarrenr#define rm_resp rm_body.rb_resp 415145522Sdarrenr/* END (RPC message structure & macros) */ 416145522Sdarrenr 417145522Sdarrenr/* 418145522Sdarrenr * These code paths aren't hot enough to warrant per transaction 419145522Sdarrenr * mutexes. 420145522Sdarrenr */ 421145522Sdarrenrtypedef struct rpcb_xact { 422145522Sdarrenr struct rpcb_xact *rx_next; 423145522Sdarrenr struct rpcb_xact **rx_pnext; 424145522Sdarrenr u_32_t rx_xid; /* RPC transmission ID */ 425145522Sdarrenr u_int rx_type; /* RPCB response type */ 426145522Sdarrenr u_int rx_ref; /* reference count */ 427145522Sdarrenr u_int rx_proto; /* transport protocol (v2 only) */ 428145522Sdarrenr} rpcb_xact_t; 429145522Sdarrenr 430145522Sdarrenrtypedef struct rpcb_session { 431145522Sdarrenr ipfmutex_t rs_rxlock; 432145522Sdarrenr rpcb_xact_t *rs_rxlist; 433145522Sdarrenr} rpcb_session_t; 434145522Sdarrenr 435145522Sdarrenr/* 436145522Sdarrenr * For an explanation, please see the following: 437145522Sdarrenr * RFC1832 - Sections 3.11, 4.4, and 4.5. 438145522Sdarrenr */ 439145522Sdarrenr#define XDRALIGN(x) ((((x) % 4) != 0) ? ((((x) + 3) / 4) * 4) : (x)) 440145522Sdarrenr 441369245Sgit2svnextern int ipf_proxy_add(void *, aproxy_t *); 442369245Sgit2svnextern int ipf_proxy_check(fr_info_t *, struct nat *); 443369245Sgit2svnextern int ipf_proxy_ctl(ipf_main_softc_t *, void *, ap_ctl_t *); 444369245Sgit2svnextern int ipf_proxy_del(aproxy_t *); 445369245Sgit2svnextern void ipf_proxy_deref(aproxy_t *); 446369245Sgit2svnextern void ipf_proxy_flush(void *, int); 447369245Sgit2svnextern int ipf_proxy_init(void); 448369245Sgit2svnextern int ipf_proxy_ioctl(ipf_main_softc_t *, caddr_t, ioctlcmd_t, int, void *); 449369245Sgit2svnextern aproxy_t *ipf_proxy_lookup(void *, u_int, char *); 450369245Sgit2svnextern int ipf_proxy_match(fr_info_t *, struct nat *); 451369245Sgit2svnextern int ipf_proxy_new(fr_info_t *, struct nat *); 452369245Sgit2svnextern int ipf_proxy_ok(fr_info_t *, tcphdr_t *, struct ipnat *); 453369245Sgit2svnextern void ipf_proxy_free(ipf_main_softc_t *, ap_session_t *); 454369245Sgit2svnextern int ipf_proxy_main_load(void); 455369245Sgit2svnextern int ipf_proxy_main_unload(void); 456369245Sgit2svnextern ipnat_t *ipf_proxy_rule_fwd(nat_t *); 457369245Sgit2svnextern ipnat_t *ipf_proxy_rule_rev(nat_t *); 458369245Sgit2svnextern void *ipf_proxy_soft_create(ipf_main_softc_t *); 459369245Sgit2svnextern void ipf_proxy_soft_destroy(ipf_main_softc_t *, void *); 460369245Sgit2svnextern int ipf_proxy_soft_init(ipf_main_softc_t *, void *); 461369245Sgit2svnextern int ipf_proxy_soft_fini(ipf_main_softc_t *, void *); 46253642Sguido 46353642Sguido#endif /* __IP_PROXY_H__ */ 464