filter.h revision 30715
/*
 *	    Written by Toshiharu OHNO (tony-o@iij.ad.jp)
 *
 *   Copyright (C) 1993, Internet Initiative Japan, Inc. All rights reserverd.
 *
 * Redistribution and use in source and binary forms are permitted
 * provided that the above copyright notice and this paragraph are
 * duplicated in all such forms and that any documentation,
 * advertising materials, and other materials related to such
 * distribution and use acknowledge that the software was developed
 * by the Internet Initiative Japan.  The name of the
 * IIJ may not be used to endorse or promote products derived
 * from this software without specific prior written permission.
 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
 * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
 * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
 *
 * $Id: filter.h,v 1.9 1997/08/25 00:29:11 brian Exp $
 *
 *	TODO:
 */
/*
 *   Actions
 *
 *   Codes for a rule's action (presumably the value kept in
 *   struct filterent's `action' member -- confirm in the filter code).
 *   A_MASK (3) spans the two low bits, i.e. exactly the range taken by
 *   A_NONE, A_PERMIT and A_DENY; A_UHOST (4) and A_UPORT (8) are single
 *   bits that lie outside that mask.
 *   NOTE(review): nothing in this header says what happens to a packet
 *   that matches no rule, or a rule left at A_NONE; check the
 *   implementation before assuming the tables default to deny.
 */
#define	A_NONE		0
#define	A_PERMIT	1
#define	A_DENY		2
#define	A_MASK		3	/* low two bits: covers A_NONE..A_DENY */
#define	A_UHOST		4	/* bit above A_MASK; meaning not shown here -- confirm */
#define	A_UPORT		8	/* bit above A_MASK; meaning not shown here -- confirm */
/*
 *   Known protocols
 *
 *   Small selector codes private to this header (presumably the values of
 *   struct filterent's `proto' member -- confirm).  They are not the IP
 *   header protocol numbers (ICMP is 1, TCP 6 and UDP 17 there), so a
 *   packet's protocol field cannot be compared with a P_* value directly;
 *   it has to be mapped first.
 */
#define	P_NONE	0
#define	P_TCP	1
#define	P_UDP	2
#define	P_ICMP	3
/*
 *   Operations
 *
 *   Comparison operators, presumably the values of opt.srcop and
 *   opt.dstop in struct filterent (confirm in the filter code).
 *   OP_EQ, OP_GT and OP_LT are distinct single bits; whether they may be
 *   OR-ed together is not visible from this header.
 */
#define	OP_NONE	0
#define	OP_EQ	1
#define	OP_GT	2
#define	OP_LT	4
/*
 * One packet-filter rule; the ifilters/ofilters/dfilters/afilters tables
 * declared in this header are arrays of these.
 *
 * No #include appears in this header as listed, so struct in_addr must
 * already be a complete type and u_short must already be defined when
 * this file is included.
 */
struct filterent {
  int action;			/* Filtering action */
  int swidth;			/* Effective source address width */
  struct in_addr saddr;		/* Source address */
  struct in_addr smask;		/* Source address mask */
  int dwidth;			/* Effective destination address width */
  struct in_addr daddr;		/* Destination address */
  struct in_addr dmask;		/* Destination address mask */
  int proto;			/* Protocol */
  struct {
    short srcop;		/* presumably an OP_* code applied to srcport -- confirm */
    u_short srcport;		/* source port operand; byte order not shown here -- confirm */
    short dstop;		/* presumably an OP_* code applied to dstport -- confirm */
    u_short dstport;		/* destination port operand; byte order not shown here -- confirm */
    int estab;			/* NOTE(review): looks like an "established connection" flag -- confirm */
  } opt;
};
#define	MAXFILTERS	20	/* number of entries in each filter table below */

/*
 * Filter table selectors.
 * NOTE(review): the order (in, out, dial, keep) matches the four tables
 * declared below; presumably these pick one of them -- confirm against
 * the callers.
 */
#define FL_IN		0
#define FL_OUT		1
#define FL_DIAL		2
#define FL_KEEP		3

/*
 * The four rule tables, each exactly MAXFILTERS entries long.  A rule
 * number that comes from command input has to be range-checked against
 * 0..MAXFILTERS-1 before it is used as an index into any of them.
 */
extern struct filterent ifilters[MAXFILTERS];	/* incoming packet filter */
extern struct filterent ofilters[MAXFILTERS];	/* outgoing packet filter */
extern struct filterent dfilters[MAXFILTERS];	/* dial-out packet filter */
extern struct filterent afilters[MAXFILTERS];	/* keep-alive packet filter */
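/*
 * struct cmdtab is used only through pointers in the prototypes below.
 * Declaring the tag at file scope keeps those prototypes compatible with
 * the real definitions even when this header is included before the one
 * that defines struct cmdtab; without it the tag would be scoped to each
 * parameter list and every handler would take a distinct, unusable type.
 */
struct cmdtab;

/*
 * Address parser.
 * NOTE(review): the parameters are unnamed in this header; they look like
 * (argc, argv, address out, mask out, width out), mirroring the
 * saddr/smask/swidth members of struct filterent -- confirm against the
 * definition.
 */
extern int ParseAddr(int, char **, struct in_addr *, struct in_addr *, int *);

/*
 * "Show" handlers, one per filter table (I = incoming, O = outgoing,
 * D = dial-out, A = keep-alive, going by the table comments).
 */
extern int ShowIfilter(struct cmdtab *, int, char **);
extern int ShowOfilter(struct cmdtab *, int, char **);
extern int ShowDfilter(struct cmdtab *, int, char **);
extern int ShowAfilter(struct cmdtab *, int, char **);

/*
 * "Set" handlers, one per filter table.
 * NOTE(review): the int/char ** pair presumably carries the rule text as
 * typed by the operator; validation of that input (rule number range,
 * address and port syntax) is not visible from this header.
 */
extern int SetIfilter(struct cmdtab *, int, char **);
extern int SetOfilter(struct cmdtab *, int, char **);
extern int SetDfilter(struct cmdtab *, int, char **);
extern int SetAfilter(struct cmdtab *, int, char **);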