filter.h revision 47648 
1/*
2 *	    Written by Toshiharu OHNO (tony-o@iij.ad.jp)
3 *
4 *   Copyright (C) 1993, Internet Initiative Japan, Inc. All rights reserverd.
5 *
6 * Redistribution and use in source and binary forms are permitted
7 * provided that the above copyright notice and this paragraph are
8 * duplicated in all such forms and that any documentation,
9 * advertising materials, and other materials related to such
10 * distribution and use acknowledge that the software was developed
11 * by the Internet Initiative Japan.  The name of the
12 * IIJ may not be used to endorse or promote products derived
13 * from this software without specific prior written permission.
14 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
15 * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
16 * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
17 *
18 * $Id: filter.h,v 1.14 1999/01/28 01:56:31 brian Exp $
19 *
20 *	TODO:
21 */
22
23/* Actions */
24#define	A_NONE		0
25#define	A_PERMIT	1
26#define	A_DENY		2
27#define	A_MASK		3
28#define	A_UHOST		4
29#define	A_UPORT		8
30
31/* Known protocols */
32#define	P_NONE	0
33#define	P_TCP	1
34#define	P_UDP	2
35#define	P_ICMP	3
36
37/* Operations */
38#define	OP_NONE	0
39#define	OP_EQ	1
40#define	OP_GT	2
41#define	OP_LT	4
42
43/* srctype or dsttype */
44#define T_ADDR		0
45#define T_MYADDR	1
46#define T_HISADDR	2
47
48struct filterent {
49  int action;			/* Filtering action */
50  unsigned srctype : 2;		/* T_ value of src */
51  struct in_range src;		/* Source address */
52  unsigned dsttype : 2;		/* T_ value of dst */
53  struct in_range dst;		/* Destination address */
54  int proto;			/* Protocol */
55  struct {
56    short srcop;
57    u_short srcport;
58    short dstop;
59    u_short dstport;
60    unsigned estab : 1;
61    unsigned syn : 1;
62    unsigned finrst : 1;
63  } opt;
64};
65
66#define	MAXFILTERS		40	/* in each filter set */
67
68struct filter {
69  struct filterent rule[MAXFILTERS];	/* incoming packet filter */
70  const char *name;
71  unsigned fragok : 1;
72  unsigned logok : 1;
73};
74
75#define FL_IN		0
76#define FL_OUT		1
77#define FL_DIAL		2
78#define FL_KEEP		3
79
80struct ipcp;
81struct cmdargs;
82
83extern int ParseAddr(struct ipcp *, const char *, struct in_addr *,
84                     struct in_addr *, int *);
85extern int filter_Show(struct cmdargs const *);
86extern int filter_Set(struct cmdargs const *);
87extern const char * filter_Action2Nam(int);
88extern const char *filter_Proto2Nam(int);
89extern const char *filter_Op2Nam(int);
90extern struct in_addr bits2mask(int);
91extern void filter_AdjustAddr(struct filter *, struct in_addr *,
92                              struct in_addr *);
93