1/*
2 * Copyright (c) 2012, The Linux Foundation. All rights reserved.
3 * Permission to use, copy, modify, and/or distribute this software for
4 * any purpose with or without fee is hereby granted, provided that the
5 * above copyright notice and this permission notice appear in all copies.
6 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
7 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
8 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
9 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
10 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
11 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
12 * OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
13 */
14
15
16#include "fal_nat.h"
17#include "fal_ip.h"
18#include "hsl_api.h"
19#include "hsl.h"
20
21#ifdef ISISC
22#include "isisc_acl.h"
23#include "isisc_reg.h"
24#else
25#include "isis_acl.h"
26#include "isis_reg.h"
27#endif
28
29#define MAX_PPPOE_PASSTHROUGH_NUM 4
30/* ACL list priority */
31#define S17_ACL_LIST_PRIO_HIGH  0
32#define S17_ACL_LIST_PRIO_MID   1
33#define S17_ACL_LIST_PRIO_LOW   2
34#define S17_ACL_LIST_PRIO_LOWEST    3
35
36#define S17_ACL_LIST_IPCONF 0
37#define S17_ACL_LIST_UDP0   1
38#define S17_ACL_LIST_DROUTE 2
39#define S17_ACL_LIST_PPPOE  3
40#define S17_ACL_LIST_IPV6MLD    5
41#define S17_ACL_LIST_IPV6_SOLICITED_NODE    7
42#define S17_ACL_LIST_IPV6_NODEINFO_QUERY    9
43#define S17_ACL_LIST_IPV6_SEXTUPLE0_GROUP   11
44#define S17_ACL_LIST_IPV6_QUINTRUPLE0_1_GROUP   13
45#define S17_ACL_LIST_UPNP_SSDP  15
46#define S17_ACL_LIST_PPPOE_PASSTHROUGH_LAN_TO_WAN 17
47#define S17_ACL_LIST_PPPOE_PASSTHROUGH_WAN_TO_LAN 19
48#define S17_ACL_LIST_PLC_FILTER 22
49#define S17_ACL_LIST_REDIRECT_INTERNAL_IP_TO_CPU_ON_WAN 26
50#define S17_ACL_ICMP_FROM_WAN 27
51#define S17_ACL_LIST_IPV6DROUTE 28
52#define S17_ACL_LIST_DSCP_REMAP 29
53
54
55/* port # of WAN, 1 for DB120 demo board */
56#define S17_WAN_PORT    5
57#define S17_CPU_PORT    0
58
59#define S17_LAN_PORT0   1
60#define S17_LAN_PORT1   2
61#define S17_LAN_PORT2   3
62#define S17_LAN_PORT3   4
63
64
65
66
67uint32_t get_aclrulemask(void);
68void set_aclrulemask(uint32_t acl_list);
69
70void droute_add_acl_rules(uint32_t local_ip, uint32_t local_ip_mask, uint32_t gw_entry_id);
71void ipv6_droute_del_acl_rules(void);
72void ipv6_droute_add_acl_rules(struct in6_addr *local_ip, uint32_t gw_entry_id);
73void pppoe_add_acl_rules(
74	uint32_t wan_ip, uint32_t local_ip,
75	uint32_t local_ip_mask, uint32_t gw_entry_id);
76void ip_conflict_add_acl_rules(uint32_t wan_ip, uint32_t lan_ip, uint32_t gw_entry_id);
77void ipv6_snooping_solicted_node_add_acl_rules(void);
78void ipv6_snooping_nodeinfo_query_add_acl_rules(void);
79void ipv6_snooping_sextuple0_group_add_acl_rules(void);
80void ipv6_snooping_quintruple0_1_group_add_acl_rules ( void );
81void upnp_ssdp_add_acl_rules(void);
82unsigned int isis_set_pppoe_passthrough(int enable);
83unsigned int isis_enable_pppoe_discovery_acl(void);
84int pppoe_passthrough_acl_rules(uint32_t gw_entry_id, unsigned char *mac);
85