filter.h revision 28679 
1/*
2 *	    Written by Toshiharu OHNO (tony-o@iij.ad.jp)
3 *
4 *   Copyright (C) 1993, Internet Initiative Japan, Inc. All rights reserverd.
5 *
6 * Redistribution and use in source and binary forms are permitted
7 * provided that the above copyright notice and this paragraph are
8 * duplicated in all such forms and that any documentation,
9 * advertising materials, and other materials related to such
10 * distribution and use acknowledge that the software was developed
11 * by the Internet Initiative Japan.  The name of the
12 * IIJ may not be used to endorse or promote products derived
13 * from this software without specific prior written permission.
14 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
15 * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
16 * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
17 *
18 * $Id: filter.h,v 1.8 1997/06/09 03:27:20 brian Exp $
19 *
20 *	TODO:
21 */
22
23#ifndef	_FILTER_H_
24#define	_FILTER_H_
25
26#define STREQ(a,b)	(strcmp(a,b) == 0)
27/*
28 *   Actions
29 */
30#define	A_NONE		0
31#define	A_PERMIT	1
32#define	A_DENY		2
33#define	A_MASK		3
34#define	A_UHOST		4
35#define	A_UPORT		8
36
37/*
38 *   Known protocols
39 */
40#define	P_NONE	0
41#define	P_TCP	1
42#define	P_UDP	2
43#define	P_ICMP	3
44
45/*
46 *   Operations
47 */
48#define	OP_NONE	0
49#define	OP_EQ	1
50#define	OP_GT	2
51#define	OP_LT	4
52
53struct filterent {
54  int action;			/* Filtering action */
55  int swidth;			/* Effective source address width */
56  struct in_addr saddr;		/* Source address */
57  struct in_addr smask;		/* Source address mask */
58  int dwidth;			/* Effective destination address width */
59  struct in_addr daddr;		/* Destination address */
60  struct in_addr dmask;		/* Destination address mask */
61  int proto;			/* Protocol */
62  struct {
63    short srcop;
64    u_short srcport;
65    short dstop;
66    u_short dstport;
67    int estab;
68  }      opt;
69};
70
71#define	MAXFILTERS	20
72
73#define FL_IN		0
74#define FL_OUT		1
75#define FL_DIAL		2
76#define FL_KEEP		3
77struct filterent ifilters[MAXFILTERS];
78struct filterent ofilters[MAXFILTERS];
79struct filterent dfilters[MAXFILTERS];
80struct filterent afilters[MAXFILTERS];	/* keep Alive packet filter */
81
82extern int ParseAddr(int, char **, struct in_addr *, struct in_addr *, int *);
83
84#endif				/* _FILTER_H_ */
85