ip_proxy.h revision 60855 
153642Sguido/*
260855Sdarrenr * Copyright (C) 1997-2000 by Darren Reed.
353642Sguido *
453642Sguido * Redistribution and use in source and binary forms are permitted
553642Sguido * provided that this notice is preserved and due credit is given
653642Sguido * to the original author and the contributors.
753642Sguido *
853642Sguido * $Id: ip_proxy.h,v 2.1.2.1 1999/09/19 12:18:20 darrenr Exp $
957126Sguido * $FreeBSD: head/sys/contrib/ipfilter/netinet/ip_proxy.h 60855 2000-05-24 04:21:35Z darrenr $
1053642Sguido */
1153642Sguido
1253642Sguido#ifndef	__IP_PROXY_H__
1353642Sguido#define	__IP_PROXY_H__
1453642Sguido
1553642Sguido#ifndef SOLARIS
1653642Sguido#define SOLARIS (defined(sun) && (defined(__svr4__) || defined(__SVR4)))
1753642Sguido#endif
1853642Sguido
1953642Sguido#ifndef	APR_LABELLEN
2053642Sguido#define	APR_LABELLEN	16
2153642Sguido#endif
2253642Sguido#define	AP_SESS_SIZE	53
2353642Sguido
2453642Sguidostruct	nat;
2553642Sguidostruct	ipnat;
2653642Sguido
2753642Sguidotypedef	struct	ap_tcp {
2853642Sguido	u_short	apt_sport;	/* source port */
2953642Sguido	u_short	apt_dport;	/* destination port */
3053642Sguido	short	apt_sel[2];	/* {seq,ack}{off,min} set selector */
3153642Sguido	short	apt_seqoff[2];	/* sequence # difference */
3253642Sguido	tcp_seq	apt_seqmin[2];	/* don't change seq-off until after this */
3353642Sguido	short	apt_ackoff[2];	/* sequence # difference */
3453642Sguido	tcp_seq	apt_ackmin[2];	/* don't change seq-off until after this */
3553642Sguido	u_char	apt_state[2];	/* connection state */
3653642Sguido} ap_tcp_t;
3753642Sguido
3853642Sguidotypedef	struct	ap_udp {
3953642Sguido	u_short	apu_sport;	/* source port */
4053642Sguido	u_short	apu_dport;	/* destination port */
4153642Sguido} ap_udp_t;
4253642Sguido
4353642Sguidotypedef	struct ap_session {
4453642Sguido	struct	aproxy	*aps_apr;
4553642Sguido	union {
4653642Sguido		struct	ap_tcp	apu_tcp;
4753642Sguido		struct	ap_udp	apu_udp;
4853642Sguido	} aps_un;
4953642Sguido	u_int	aps_flags;
5053642Sguido	U_QUAD_T aps_bytes;	/* bytes sent */
5153642Sguido	U_QUAD_T aps_pkts;	/* packets sent */
5253642Sguido	void	*aps_nat;	/* pointer back to nat struct */
5353642Sguido	void	*aps_data;	/* private data */
5453642Sguido	int	aps_p;		/* protocol */
5553642Sguido	int	aps_psiz;	/* size of private data */
5653642Sguido	struct	ap_session	*aps_hnext;
5753642Sguido	struct	ap_session	*aps_next;
5860855Sdarrenr} ap_session_t;
5953642Sguido
6053642Sguido#define	aps_sport	aps_un.apu_tcp.apt_sport
6153642Sguido#define	aps_dport	aps_un.apu_tcp.apt_dport
6253642Sguido#define	aps_sel		aps_un.apu_tcp.apt_sel
6353642Sguido#define	aps_seqoff	aps_un.apu_tcp.apt_seqoff
6453642Sguido#define	aps_seqmin	aps_un.apu_tcp.apt_seqmin
6553642Sguido#define	aps_state	aps_un.apu_tcp.apt_state
6653642Sguido#define	aps_ackoff	aps_un.apu_tcp.apt_ackoff
6753642Sguido#define	aps_ackmin	aps_un.apu_tcp.apt_ackmin
6853642Sguido
6953642Sguido
7053642Sguidotypedef	struct	aproxy	{
7160855Sdarrenr	struct	aproxy	*apr_next;
7253642Sguido	char	apr_label[APR_LABELLEN];	/* Proxy label # */
7353642Sguido	u_char	apr_p;		/* protocol */
7453642Sguido	int	apr_ref;	/* +1 per rule referencing it */
7553642Sguido	int	apr_flags;
7653642Sguido	int	(* apr_init) __P((void));
7760855Sdarrenr	void	(* apr_fini) __P((void));
7853642Sguido	int	(* apr_new) __P((fr_info_t *, ip_t *,
7953642Sguido				 ap_session_t *, struct nat *));
8053642Sguido	int	(* apr_inpkt) __P((fr_info_t *, ip_t *,
8153642Sguido				   ap_session_t *, struct nat *));
8253642Sguido	int	(* apr_outpkt) __P((fr_info_t *, ip_t *,
8353642Sguido				    ap_session_t *, struct nat *));
8453642Sguido} aproxy_t;
8553642Sguido
8653642Sguido#define	APR_DELETE	1
8753642Sguido
8860855Sdarrenr#define	APR_ERR(x)	(((x) & 0xffff) << 16)
8960855Sdarrenr#define	APR_EXIT(x)	(((x) >> 16) & 0xffff)
9060855Sdarrenr#define	APR_INC(x)	((x) & 0xffff)
9153642Sguido
9260855Sdarrenr#define	FTP_BUFSZ	160
9353642Sguido/*
9460855Sdarrenr * For the ftp proxy.
9560855Sdarrenr */
9660855Sdarrenrtypedef struct  ftpside {
9760855Sdarrenr	char	*ftps_rptr;
9860855Sdarrenr	char	*ftps_wptr;
9960855Sdarrenr	u_32_t	ftps_seq;
10060855Sdarrenr	int	ftps_junk;
10160855Sdarrenr	char	ftps_buf[FTP_BUFSZ];
10260855Sdarrenr} ftpside_t;
10360855Sdarrenr
10460855Sdarrenrtypedef struct  ftpinfo {
10560855Sdarrenr	u_int   	ftp_passok;
10660855Sdarrenr	ftpside_t	ftp_side[2];
10760855Sdarrenr} ftpinfo_t;
10860855Sdarrenr
10960855Sdarrenr/*
11053642Sguido * Real audio proxy structure and #defines
11153642Sguido */
11253642Sguidotypedef	struct	{
11353642Sguido	int	rap_seenpna;
11453642Sguido	int	rap_seenver;
11553642Sguido	int	rap_version;
11653642Sguido	int	rap_eos;	/* End Of Startup */
11753642Sguido	int	rap_gotid;
11853642Sguido	int	rap_gotlen;
11953642Sguido	int	rap_mode;
12053642Sguido	int	rap_sdone;
12153642Sguido	u_short	rap_plport;
12253642Sguido	u_short	rap_prport;
12353642Sguido	u_short	rap_srport;
12453642Sguido	char	rap_svr[19];
12553642Sguido	u_32_t	rap_sbf;	/* flag to indicate which of the 19 bytes have
12653642Sguido				 * been filled
12753642Sguido				 */
12853642Sguido	tcp_seq	rap_sseq;
12953642Sguido} raudio_t;
13053642Sguido
13153642Sguido#define	RA_ID_END	0
13253642Sguido#define	RA_ID_UDP	1
13353642Sguido#define	RA_ID_ROBUST	7
13453642Sguido
13553642Sguido#define	RAP_M_UDP	1
13653642Sguido#define	RAP_M_ROBUST	2
13753642Sguido#define	RAP_M_TCP	4
13853642Sguido#define	RAP_M_UDP_ROBUST	(RAP_M_UDP|RAP_M_ROBUST)
13953642Sguido
14053642Sguido
14153642Sguidoextern	ap_session_t	*ap_sess_tab[AP_SESS_SIZE];
14253642Sguidoextern	ap_session_t	*ap_sess_list;
14353642Sguidoextern	aproxy_t	ap_proxies[];
14460855Sdarrenrextern	int		ippr_ftp_pasvonly;
14553642Sguido
14660855Sdarrenrextern	int	appr_add __P((aproxy_t *));
14760855Sdarrenrextern	int	appr_del __P((aproxy_t *));
14853642Sguidoextern	int	appr_init __P((void));
14960855Sdarrenrextern	void	appr_unload __P((void));
15053642Sguidoextern	int	appr_ok __P((ip_t *, tcphdr_t *, struct ipnat *));
15153642Sguidoextern	void	appr_free __P((aproxy_t *));
15253642Sguidoextern	void	aps_free __P((ap_session_t *));
15353642Sguidoextern	int	appr_check __P((ip_t *, fr_info_t *, struct nat *));
15453642Sguidoextern	aproxy_t	*appr_match __P((u_int, char *));
15553642Sguido
15653642Sguido#endif /* __IP_PROXY_H__ */
157