1/* 2 * Copyright (c) 2012, The Linux Foundation. All rights reserved. 3 * Permission to use, copy, modify, and/or distribute this software for 4 * any purpose with or without fee is hereby granted, provided that the 5 * above copyright notice and this permission notice appear in all copies. 6 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 7 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 8 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 9 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 10 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 11 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT 12 * OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 13 */ 14 15 16#include "fal_nat.h" 17#include "fal_ip.h" 18#include "hsl_api.h" 19#include "hsl.h" 20 21#ifdef ISISC 22#include "isisc_acl.h" 23#include "isisc_reg.h" 24#else 25#include "isis_acl.h" 26#include "isis_reg.h" 27#endif 28 29#define MAX_PPPOE_PASSTHROUGH_NUM 4 30/* ACL list priority */ 31#define S17_ACL_LIST_PRIO_HIGH 0 32#define S17_ACL_LIST_PRIO_MID 1 33#define S17_ACL_LIST_PRIO_LOW 2 34#define S17_ACL_LIST_PRIO_LOWEST 3 35 36#define S17_ACL_LIST_IPCONF 0 37#define S17_ACL_LIST_UDP0 1 38#define S17_ACL_LIST_DROUTE 2 39#define S17_ACL_LIST_PPPOE 3 40#define S17_ACL_LIST_IPV6MLD 5 41#define S17_ACL_LIST_IPV6_SOLICITED_NODE 7 42#define S17_ACL_LIST_IPV6_NODEINFO_QUERY 9 43#define S17_ACL_LIST_IPV6_SEXTUPLE0_GROUP 11 44#define S17_ACL_LIST_IPV6_QUINTRUPLE0_1_GROUP 13 45#define S17_ACL_LIST_UPNP_SSDP 15 46#define S17_ACL_LIST_PPPOE_PASSTHROUGH_LAN_TO_WAN 17 47#define S17_ACL_LIST_PPPOE_PASSTHROUGH_WAN_TO_LAN 19 48#define S17_ACL_LIST_PLC_FILTER 22 49#define S17_ACL_LIST_REDIRECT_INTERNAL_IP_TO_CPU_ON_WAN 26 50#define S17_ACL_ICMP_FROM_WAN 27 51#define S17_ACL_LIST_IPV6DROUTE 28 52#define S17_ACL_LIST_DSCP_REMAP 29 53 54 55/* port # of WAN, 1 for DB120 demo board */ 56#define S17_WAN_PORT 5 57#define S17_CPU_PORT 0 58 59#define S17_LAN_PORT0 1 60#define S17_LAN_PORT1 2 61#define S17_LAN_PORT2 3 62#define S17_LAN_PORT3 4 63 64 65 66 67uint32_t get_aclrulemask(void); 68void set_aclrulemask(uint32_t acl_list); 69 70void droute_add_acl_rules(uint32_t local_ip, uint32_t local_ip_mask, uint32_t gw_entry_id); 71void ipv6_droute_del_acl_rules(void); 72void ipv6_droute_add_acl_rules(struct in6_addr *local_ip, uint32_t gw_entry_id); 73void pppoe_add_acl_rules( 74 uint32_t wan_ip, uint32_t local_ip, 75 uint32_t local_ip_mask, uint32_t gw_entry_id); 76void ip_conflict_add_acl_rules(uint32_t wan_ip, uint32_t lan_ip, uint32_t gw_entry_id); 77void ipv6_snooping_solicted_node_add_acl_rules(void); 78void ipv6_snooping_nodeinfo_query_add_acl_rules(void); 79void ipv6_snooping_sextuple0_group_add_acl_rules(void); 80void ipv6_snooping_quintruple0_1_group_add_acl_rules ( void ); 81void upnp_ssdp_add_acl_rules(void); 82unsigned int isis_set_pppoe_passthrough(int enable); 83unsigned int isis_enable_pppoe_discovery_acl(void); 84int pppoe_passthrough_acl_rules(uint32_t gw_entry_id, unsigned char *mac); 85