fw.h

Go to the documentation of this file.

/*
 * fw.h
 *
 * Network firewalling operations.
 *
 * Copyright (c) 2001 Dug Song <dugsong@monkey.org>
 *
 * $Id: fw.h,v 1.13 2002/12/14 04:02:36 dugsong Exp $
 */

#ifndef DNET_FW_H
#define DNET_FW_H

struct fw_rule {
        char            fw_device[INTF_NAME_LEN]; /* interface name */
        uint8_t         fw_op;                    /* operation */
        uint8_t         fw_dir;                   /* direction */
        uint8_t         fw_proto;                 /* IP protocol */
        struct addr     fw_src;                   /* src address / net */
        struct addr     fw_dst;                   /* dst address / net */
        uint16_t        fw_sport[2];              /* range / ICMP type */
        uint16_t        fw_dport[2];              /* range / ICMP code */
};

#define FW_OP_ALLOW     1
#define FW_OP_BLOCK     2

#define FW_DIR_IN       1
#define FW_DIR_OUT      2

#define fw_pack_rule(rule, dev, op, dir, p, s, d, sp1, sp2, dp1, dp2)   \
do {                                                                    \
        strlcpy((rule)->fw_device, dev, sizeof((rule)->fw_device));     \
        (rule)->fw_op = op; (rule)->fw_dir = dir;                       \
        (rule)->fw_proto = p;                                           \
        memmove(&(rule)->fw_src, &(s), sizeof((rule)->fw_src));         \
        memmove(&(rule)->fw_dst, &(d), sizeof((rule)->fw_dst));         \
        (rule)->fw_sport[0] = sp1; (rule)->fw_sport[1] = sp2;           \
        (rule)->fw_dport[0] = dp1; (rule)->fw_dport[1] = dp2;           \
} while (0)

typedef struct fw_handle fw_t;

typedef int (*fw_handler)(const struct fw_rule *rule, void *arg);

__BEGIN_DECLS
fw_t    *fw_open(void);
int      fw_add(fw_t *f, const struct fw_rule *rule);
int      fw_delete(fw_t *f, const struct fw_rule *rule);
int      fw_loop(fw_t *f, fw_handler callback, void *arg);
fw_t    *fw_close(fw_t *f);
__END_DECLS

#endif /* DNET_FW_H */

---