1/* 2 * Copyright (C) 1993-2001 by Darren Reed. 3 * 4 * See the IPFILTER.LICENCE file for details on licencing. 5 * 6 * @(#)ip_fil.h 1.35 6/5/96 7 * $Id: ip_scan.h,v 2.9.2.2 2006/07/14 06:12:19 darrenr Exp $ 8 */ 9 10#ifndef __IP_SCAN_H__ 11#define __IP_SCAN_H__ 1 12 13#ifdef sun 14# include <sys/ioccom.h> 15#endif 16 17#define IPSCAN_NAME "/dev/ipscan" 18#define IPL_SCAN IPSCAN_NAME 19#define ISC_TLEN 16 20 21 22struct fr_info; 23struct frentry; 24struct ip; 25struct ipstate; 26 27 28#if defined(__STDC__) || defined(__GNUC__) || defined(_AIX51) 29# define SIOCADSCA _IOWR('r', 60, struct ipscan *) 30# define SIOCRMSCA _IOWR('r', 61, struct ipscan *) 31# define SIOCGSCST _IOWR('r', 62, struct ipscan *) 32#else 33# define SIOCADSCA _IOWR(r, 60, struct ipscan *) 34# define SIOCRMSCA _IOWR(r, 61, struct ipscan *) 35# define SIOCGSCST _IOWR(r, 62, struct ipscan *) 36#endif 37 38struct action { 39 int act_val; /* what to do */ 40 struct in_addr act_ip; /* redirect IP# */ 41 u_short act_port; /* redirect port number */ 42 int act_else; /* what to do */ 43 struct in_addr act_eip; /* redirect IP# */ 44 u_short act_eport; /* redirect port number */ 45}; 46 47 48typedef struct sinfo { 49 char s_txt[ISC_TLEN]; /* text to match */ 50 char s_msk[ISC_TLEN]; /* mask of the above to check */ 51 int s_len; /* length of server text */ 52} sinfo_t; 53 54 55typedef struct ipscan { 56 struct ipscan *ipsc_next; 57 struct ipscan **ipsc_pnext; 58 char ipsc_tag[ISC_TLEN]; /* table entry protocol tag */ 59 sinfo_t ipsc_si[2]; /* client/server side information */ 60 int ipsc_hits; /* times this has been matched */ 61 int ipsc_active; /* # of active matches */ 62 int ipsc_fref; /* # of references from filter rules */ 63 int ipsc_sref; /* # of references from state entries */ 64 struct action ipsc_act; 65} ipscan_t; 66 67 68#define ipsc_cl ipsc_si[0] 69#define ipsc_sl ipsc_si[1] 70#define ipsc_ctxt ipsc_cl.s_txt 71#define ipsc_cmsk ipsc_cl.s_msk 72#define ipsc_clen ipsc_cl.s_len 73#define ipsc_stxt ipsc_sl.s_txt 74#define ipsc_smsk ipsc_sl.s_msk 75#define ipsc_slen ipsc_sl.s_len 76#define ipsc_action ipsc_act.act_val 77#define ipsc_ip ipsc_act.act_ip 78#define ipsc_port ipsc_act.act_port 79#define ipsc_else ipsc_act.act_else 80#define ipsc_eip ipsc_act.act_eip 81#define ipsc_eport ipsc_act.act_eport 82 83#define ISC_A_NONE 0 84#define ISC_A_TRACK 1 85#define ISC_A_CLOSE 2 86#define ISC_A_REDIRECT 3 87 88 89typedef struct ipscanstat { 90 struct ipscan *iscs_list; 91 u_long iscs_acted; 92 u_long iscs_else; 93 int iscs_entries; 94} ipscanstat_t; 95 96 97extern int fr_scan_ioctl __P((caddr_t, ioctlcmd_t, int, int, void *)); 98extern int ipsc_init __P((void)); 99extern int ipsc_attachis __P((struct ipstate *)); 100extern int ipsc_attachfr __P((struct frentry *)); 101extern int ipsc_detachis __P((struct ipstate *)); 102extern int ipsc_detachfr __P((struct frentry *)); 103extern int ipsc_packet __P((struct fr_info *, struct ipstate *)); 104extern void fr_scanunload __P((void)); 105 106#endif /* __IP_SCAN_H__ */ 107