1/*	$NetBSD: ip_scan.h,v 1.7 2009/08/19 08:36:13 darrenr Exp $	*/
2
3/*
4 * Copyright (C) 1993-2001 by Darren Reed.
5 *
6 * See the IPFILTER.LICENCE file for details on licencing.
7 *
8 * @(#)ip_fil.h	1.35 6/5/96
9 * Id: ip_scan.h,v 2.9.2.2 2006/07/14 06:12:19 darrenr Exp
10 */
11
12#ifndef __IP_SCAN_H__
13#define __IP_SCAN_H__ 1
14
15#ifdef sun
16# include <sys/ioccom.h>
17#endif
18
19#define	IPSCAN_NAME	"/dev/ipscan"
20#define	IPL_SCAN	IPSCAN_NAME
21#define	ISC_TLEN	16
22
23
24struct fr_info;
25struct frentry;
26struct ip;
27struct ipstate;
28
29
30#if defined(__STDC__) || defined(__GNUC__) || defined(_AIX51)
31# define	SIOCADSCA	_IOWR('r', 60, struct ipscan *)
32# define	SIOCRMSCA	_IOWR('r', 61, struct ipscan *)
33# define	SIOCGSCST	_IOWR('r', 62, struct ipscan *)
34#else
35# define	SIOCADSCA	_IOWR(r, 60, struct ipscan *)
36# define	SIOCRMSCA	_IOWR(r, 61, struct ipscan *)
37# define	SIOCGSCST	_IOWR(r, 62, struct ipscan *)
38#endif
39
40struct	action	{
41	int		act_val;	/* what to do */
42	struct	in_addr	act_ip;		/* redirect IP# */
43	u_short		act_port;	/* redirect port number */
44	int		act_else;	/* what to do */
45	struct	in_addr	act_eip;	/* redirect IP# */
46	u_short		act_eport;	/* redirect port number */
47};
48
49
50typedef	struct	sinfo {
51	char	s_txt[ISC_TLEN];	/* text to match */
52	char	s_msk[ISC_TLEN];	/* mask of the above to check */
53	int	s_len;			/* length of server text */
54} sinfo_t;
55
56
57typedef	struct	ipscan	{
58	struct	ipscan	*ipsc_next;
59	struct	ipscan	**ipsc_pnext;
60	char		ipsc_tag[ISC_TLEN];	/* table entry protocol tag */
61	sinfo_t		ipsc_si[2];	/* client/server side information */
62	int		ipsc_hits;	/* times this has been matched */
63	int		ipsc_active;	/* # of active matches */
64	int		ipsc_fref;	/* # of references from filter rules */
65	int		ipsc_sref;	/* # of references from state entries */
66	struct	action	ipsc_act;
67} ipscan_t;
68
69
70#define	ipsc_cl		ipsc_si[0]
71#define	ipsc_sl		ipsc_si[1]
72#define	ipsc_ctxt	ipsc_cl.s_txt
73#define	ipsc_cmsk	ipsc_cl.s_msk
74#define	ipsc_clen	ipsc_cl.s_len
75#define	ipsc_stxt	ipsc_sl.s_txt
76#define	ipsc_smsk	ipsc_sl.s_msk
77#define	ipsc_slen	ipsc_sl.s_len
78#define	ipsc_action	ipsc_act.act_val
79#define	ipsc_ip		ipsc_act.act_ip
80#define	ipsc_port	ipsc_act.act_port
81#define	ipsc_else	ipsc_act.act_else
82#define	ipsc_eip	ipsc_act.act_eip
83#define	ipsc_eport	ipsc_act.act_eport
84
85#define	ISC_A_NONE	0
86#define	ISC_A_TRACK	1
87#define	ISC_A_CLOSE	2
88#define	ISC_A_REDIRECT	3
89
90
91typedef	struct	ipscanstat	{
92	struct	ipscan	*iscs_list;
93	u_long		iscs_acted;
94	u_long		iscs_else;
95	int		iscs_entries;
96} ipscanstat_t;
97
98
99extern	int fr_scan_ioctl(void *, ioctlcmd_t, int, int, void *);
100extern	int ipsc_init(void);
101extern	int ipsc_attachis(struct ipstate *);
102extern	int ipsc_attachfr(struct frentry *);
103extern	int ipsc_detachis(struct ipstate *);
104extern	int ipsc_detachfr(struct frentry *);
105extern	int ipsc_packet(struct fr_info *, struct ipstate *);
106extern	void fr_scanunload(void);
107
108#endif /* __IP_SCAN_H__ */
109