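/*-
 * Copyright (c) 2002-2009 Luigi Rizzo, Universita` di Pisa
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
 * $FreeBSD: releng/11.0/sys/netpfil/ipfw/ip_fw_table.h 290332 2015-11-03 10:29:46Z ae $
 */

#ifndef _IPFW2_TABLE_H
#define _IPFW2_TABLE_H

/*
 * Internal constants and data structures used by ipfw tables
 * not meant to be exported outside the kernel.
 *
 * This header has no #include lines of its own.  Types it uses but does
 * not declare (table_lookup_t, ipfw_obj_tentry, ipfw_ta_tinfo,
 * ipfw_table_value, ipfw_table, ipfw_range_tlv, ip_fw3_opheader,
 * IPFW_TABLE_MAXTYPE, the TAILQ_* macros, MALLOC_DECLARE) must already be
 * defined by the including file.
 */
#ifdef _KERNEL

struct table_algo;

/*
 * Table subsystem state, reached from a chain through CHAIN_TO_TCFG().
 */
struct tables_config {
	struct namedobj_instance	*namehash;	/* presumably the table name index -- confirm */
	struct namedobj_instance	*valhash;	/* presumably the table value index -- confirm */
	uint32_t			val_size;
	uint32_t			algo_count;
	/*
	 * Fixed-size arrays of algorithm pointers.
	 * NOTE(review): ipfw_del_table_algo() takes a signed int idx and
	 * struct table_algo carries a uint32_t idx and type; the code that
	 * indexes algo[] and def_algo[] is not in this header, so confirm it
	 * range-checks the index (0..255 and 0..IPFW_TABLE_MAXTYPE) first.
	 */
	struct table_algo 		*algo[256];
	struct table_algo		*def_algo[IPFW_TABLE_MAXTYPE + 1];
	TAILQ_HEAD(op_state_l,op_state)	state_list;	/* list of struct op_state */
};
/* Unchecked cast of chain->tblcfg; the argument is evaluated once. */
#define	CHAIN_TO_TCFG(chain)	((struct tables_config *)(chain)->tblcfg)

/*
 * Lookup descriptor for one table: the lookup function plus the opaque
 * pointers and hint word it works on.  state and xstate are untyped, so
 * their meaning is private to whichever algorithm installed them.
 */
struct table_info {
	table_lookup_t	*lookup;	/* Lookup function */
	void		*state;		/* Lookup radix/other structure */
	void		*xstate;	/* eXtended state */
	u_long		data;		/* Hints for given func */
};

struct table_value;

/*
 * One table entry as passed to the add/delete paths and to the algorithm
 * callbacks.
 * NOTE(review): paddr is an untyped pointer and masklen/subtype travel
 * next to it; each algorithm presumably has to check masklen against the
 * key width it expects before reading through paddr -- confirm in the
 * prepare_add/prepare_del implementations.
 */
struct tentry_info {
	void		*paddr;
	struct table_value	*pvalue;
	void		*ptv;		/* Temporary field to hold obj	*/
	uint8_t		masklen;	/* mask length			*/
	uint8_t		subtype;
	uint16_t	flags;		/* record flags			*/
	uint32_t	value;		/* value index			*/
};
/*
 * Bits for tentry_info.flags.  Going by the per-flag comments, UPDATE,
 * COMPAT and DONTADD describe the request and the remaining bits report
 * what happened to the entry.
 */
#define	TEI_FLAGS_UPDATE	0x0001	/* Add or update rec if exists	*/
#define	TEI_FLAGS_UPDATED	0x0002	/* Entry has been updated	*/
#define	TEI_FLAGS_COMPAT	0x0004	/* Called from old ABI		*/
#define	TEI_FLAGS_DONTADD	0x0008	/* Do not create new rec	*/
#define	TEI_FLAGS_ADDED		0x0010	/* Entry was added		*/
#define	TEI_FLAGS_DELETED	0x0020	/* Entry was deleted		*/
#define	TEI_FLAGS_LIMIT		0x0040	/* Limit was hit		*/
#define	TEI_FLAGS_ERROR		0x0080	/* Unknown request error	*/
#define	TEI_FLAGS_NOTFOUND	0x0100	/* Entry was not found		*/
#define	TEI_FLAGS_EXISTS	0x0200	/* Entry already exists		*/

/*
 * Callback types implemented by a table algorithm (see struct table_algo).
 * Some are written with parentheses around the name and some without; the
 * two forms declare the same kind of function type.
 *
 * ta_state and ta_buf are void pointers that every implementation casts
 * to its own private types.
 * NOTE(review): struct table_algo carries ta_buf_size, presumably the size
 * of the scratch buffer handed in as ta_buf; an implementation's private
 * buffer struct must not be larger than that -- confirm against the
 * caller in ip_fw_table.c.
 */

/*
 * Instance setup and teardown.
 * NOTE(review): `data` is a writable char pointer with no length argument;
 * it is presumably an algorithm-specific option string, so implementations
 * should treat it as untrusted and NUL-terminated only if the caller
 * guarantees it -- confirm.
 */
typedef int (ta_init)(struct ip_fw_chain *ch, void **ta_state,
    struct table_info *ti, char *data, uint8_t tflags);
typedef void (ta_destroy)(void *ta_state, struct table_info *ti);

/*
 * Entry add/delete.  The prepare_* and flush_entry callbacks take the
 * chain, the entry and ta_buf but no ta_state; add and del take ta_state
 * and report a count through pnum.
 */
typedef int (ta_prepare_add)(struct ip_fw_chain *ch, struct tentry_info *tei,
    void *ta_buf);
typedef int (ta_prepare_del)(struct ip_fw_chain *ch, struct tentry_info *tei,
    void *ta_buf);
typedef int (ta_add)(void *ta_state, struct table_info *ti,
    struct tentry_info *tei, void *ta_buf, uint32_t *pnum);
typedef int (ta_del)(void *ta_state, struct table_info *ti,
    struct tentry_info *tei, void *ta_buf, uint32_t *pnum);
typedef void (ta_flush_entry)(struct ip_fw_chain *ch, struct tentry_info *tei,
    void *ta_buf);

/* Whole-table modification; pflags is passed between the steps. */
typedef int (ta_need_modify)(void *ta_state, struct table_info *ti,
    uint32_t count, uint64_t *pflags);
typedef int (ta_prepare_mod)(void *ta_buf, uint64_t *pflags);
typedef int (ta_fill_mod)(void *ta_state, struct table_info *ti,
    void *ta_buf, uint64_t *pflags);
typedef void (ta_modify)(void *ta_state, struct table_info *ti,
    void *ta_buf, uint64_t pflags);
typedef void (ta_flush_mod)(void *ta_buf);

typedef void (ta_change_ti)(void *ta_state, struct table_info *ti);
/*
 * Writes a description of the instance into buf, which is bufsize bytes.
 * Implementations must never write past bufsize and should leave the
 * buffer NUL-terminated (snprintf-style), since the text is handed on to
 * other code.
 */
typedef void (ta_print_config)(void *ta_state, struct table_info *ti, char *buf,
    size_t bufsize);

/* Iteration, dump and query. */
typedef int ta_foreach_f(void *node, void *arg);
typedef void ta_foreach(void *ta_state, struct table_info *ti, ta_foreach_f *f,
  void *arg);
typedef int ta_dump_tentry(void *ta_state, struct table_info *ti, void *e,
    ipfw_obj_tentry *tent);
typedef int ta_find_tentry(void *ta_state, struct table_info *ti,
    ipfw_obj_tentry *tent);
typedef void ta_dump_tinfo(void *ta_state, struct table_info *ti,
    ipfw_ta_tinfo *tinfo);
typedef uint32_t ta_get_count(void *ta_state, struct table_info *ti);

/*
 * Descriptor of one table algorithm: identity and limits followed by its
 * callback table.
 * NOTE(review): nothing here says which callbacks may be left NULL;
 * either registration has to reject an incomplete descriptor or every
 * call site has to test the pointer -- confirm in ip_fw_table.c.
 */
struct table_algo {
	char		name[16];	/* fixed size: at most 15 characters plus NUL */
	uint32_t	idx;
	uint32_t	type;
	uint32_t	refcnt;
	uint32_t	flags;		/* TA_FLAG_* */
	uint32_t	vlimit;
	size_t		ta_buf_size;
	ta_init		*init;
	ta_destroy	*destroy;
	ta_prepare_add	*prepare_add;
	ta_prepare_del	*prepare_del;
	ta_add		*add;
	ta_del		*del;
	ta_flush_entry	*flush_entry;
	ta_find_tentry	*find_tentry;
	ta_need_modify	*need_modify;
	ta_prepare_mod	*prepare_mod;
	ta_fill_mod	*fill_mod;
	ta_modify	*modify;
	ta_flush_mod	*flush_mod;
	ta_change_ti	*change_ti;
	ta_foreach	*foreach;
	ta_dump_tentry	*dump_tentry;
	ta_print_config	*print_config;
	ta_dump_tinfo	*dump_tinfo;
	ta_get_count	*get_count;
};
#define	TA_FLAG_DEFAULT		0x01	/* Algo is default for given type */
#define	TA_FLAG_READONLY	0x02	/* Algo does not support modifications*/
#define	TA_FLAG_EXTCOUNTER	0x04	/* Algo has external counter available*/

/*
 * Algorithm registration.  The index is returned through an int pointer
 * and handed back as a plain int on removal.
 * NOTE(review): `size` is presumably the caller's sizeof(struct table_algo),
 * letting the callee detect a layout mismatch -- confirm.
 */
int ipfw_add_table_algo(struct ip_fw_chain *ch, struct table_algo *ta,
    size_t size, int *idx);
void ipfw_del_table_algo(struct ip_fw_chain *ch, int idx);

void ipfw_table_algo_init(struct ip_fw_chain *chain);
void ipfw_table_algo_destroy(struct ip_fw_chain *chain);

MALLOC_DECLARE(M_IPFW_TBL);
/*
 * Exported to support legacy opcodes
 *
 * NOTE(review): `flags` here is uint8_t while tentry_info.flags is
 * uint16_t with bits up to 0x0200, so this argument cannot carry the full
 * TEI_FLAGS_* set; it is presumably a separate flag namespace -- confirm.
 * `count` presumably gives the number of entries at tei -- confirm.
 * The legacy value helpers convert between a single uint32_t and
 * struct table_value.
 */
int add_table_entry(struct ip_fw_chain *ch, struct tid_info *ti,
    struct tentry_info *tei, uint8_t flags, uint32_t count);
int del_table_entry(struct ip_fw_chain *ch, struct tid_info *ti,
    struct tentry_info *tei, uint8_t flags, uint32_t count);
int flush_table(struct ip_fw_chain *ch, struct tid_info *ti);
void ipfw_import_table_value_legacy(uint32_t value, struct table_value *v);
uint32_t ipfw_export_table_value_legacy(struct table_value *v);
int ipfw_get_table_size(struct ip_fw_chain *ch, ip_fw3_opheader *op3,
    struct sockopt_data *sd);

/* ipfw_table_value.c functions */
struct table_config;
struct tableop_state;
void ipfw_table_value_init(struct ip_fw_chain *ch, int first);
void ipfw_table_value_destroy(struct ip_fw_chain *ch, int last);
int ipfw_link_table_values(struct ip_fw_chain *ch, struct tableop_state *ts);
void ipfw_garbage_table_values(struct ip_fw_chain *ch, struct table_config *tc,
    struct tentry_info *tei, uint32_t count, int rollback);
void ipfw_import_table_value_v1(ipfw_table_value *iv);
void ipfw_export_table_value_v1(struct table_value *v, ipfw_table_value *iv);
void ipfw_unref_table_values(struct ip_fw_chain *ch, struct table_config *tc,
    struct table_algo *ta, void *astate, struct table_info *ti);
void rollback_table_values(struct tableop_state *ts);

/* Table references held by rules; kidx is a 16-bit index here. */
int ipfw_rewrite_table_uidx(struct ip_fw_chain *chain,
    struct rule_check_info *ci);
int ipfw_mark_table_kidx(struct ip_fw_chain *chain, struct ip_fw *rule,
    uint32_t *bmask);
int ipfw_export_table_ntlv(struct ip_fw_chain *ch, uint16_t kidx,
    struct sockopt_data *sd);
void ipfw_unref_rule_tables(struct ip_fw_chain *chain, struct ip_fw *rule);
struct namedobj_instance *ipfw_get_table_objhash(struct ip_fw_chain *ch);

/* utility functions  */
int ipfw_move_tables_sets(struct ip_fw_chain *ch, ipfw_range_tlv *rt,
    uint32_t new_set);
void ipfw_swap_tables_sets(struct ip_fw_chain *ch, uint32_t old_set,
    uint32_t new_set, int mv);
int ipfw_foreach_table_tentry(struct ip_fw_chain *ch, uint16_t kidx,
    ta_foreach_f f, void *arg);

/*
 * internal functions
 *
 * NOTE(review): by their names these take and drop a reference on a
 * table_config; the counter and its locking are not visible here.  Every
 * tc_ref() needs a matching tc_unref() on each exit path, error paths
 * included, or the object is leaked or released while still in use.
 */
void tc_ref(struct table_config *tc);
void tc_unref(struct table_config *tc);

/*
 * Pending-operation record: a list link plus the rollback callback that
 * is called with the affected object and this record.
 */
struct op_state;
typedef void (op_rollback_f)(void *object, struct op_state *state);
struct op_state {
	TAILQ_ENTRY(op_state)	next;	/* chain link */
	op_rollback_f		*func;
};

/*
 * State of one table operation.  opstate is the first member, so a
 * pointer to the tableop_state and a pointer to its op_state refer to the
 * same address.
 * NOTE(review): whether the code relies on that to convert between the
 * two pointer types is not visible in this header.
 */
struct tableop_state {
	struct op_state	opstate;
	struct ip_fw_chain *ch;
	struct table_config *tc;
	struct table_algo *ta;
	struct tentry_info *tei;
	uint32_t count;
	uint32_t vmask;
	int vshared;
	int modified;
};

void add_toperation_state(struct ip_fw_chain *ch, struct tableop_state *ts);
void del_toperation_state(struct ip_fw_chain *ch, struct tableop_state *ts);
void rollback_toperation_state(struct ip_fw_chain *ch, void *object);

/* Legacy interfaces */
int ipfw_count_table(struct ip_fw_chain *ch, struct tid_info *ti,
    uint32_t *cnt);
int ipfw_count_xtable(struct ip_fw_chain *ch, struct tid_info *ti,
    uint32_t *cnt);
int ipfw_dump_table_legacy(struct ip_fw_chain *ch, struct tid_info *ti,
    ipfw_table *tbl);


#endif /* _KERNEL */
#endif /* _IPFW2_TABLE_H */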