Changeset View
Changeset View
Standalone View
Standalone View
sys/net/pfvar.h
Show First 20 Lines • Show All 54 Lines • ▼ Show 20 Lines | |||||
#include <net/if.h> | #include <net/if.h> | ||||
#include <net/ethernet.h> | #include <net/ethernet.h> | ||||
#include <net/radix.h> | #include <net/radix.h> | ||||
#include <netinet/in.h> | #include <netinet/in.h> | ||||
#ifdef _KERNEL | #ifdef _KERNEL | ||||
#include <netinet/ip.h> | #include <netinet/ip.h> | ||||
#include <netinet/tcp.h> | #include <netinet/tcp.h> | ||||
#include <netinet/udp.h> | #include <netinet/udp.h> | ||||
#include <netinet/sctp.h> | |||||
#include <netinet/ip_icmp.h> | #include <netinet/ip_icmp.h> | ||||
#include <netinet/icmp6.h> | #include <netinet/icmp6.h> | ||||
#endif | #endif | ||||
#include <netpfil/pf/pf.h> | #include <netpfil/pf/pf.h> | ||||
#include <netpfil/pf/pf_altq.h> | #include <netpfil/pf/pf_altq.h> | ||||
#include <netpfil/pf/pf_mtag.h> | #include <netpfil/pf/pf_mtag.h> | ||||
▲ Show 20 Lines • Show All 1,474 Lines • ▼ Show 20 Lines | struct { | ||||
int done; | int done; | ||||
uid_t uid; | uid_t uid; | ||||
gid_t gid; | gid_t gid; | ||||
} lookup; | } lookup; | ||||
u_int64_t tot_len; /* Make Mickey money */ | u_int64_t tot_len; /* Make Mickey money */ | ||||
union pf_headers { | union pf_headers { | ||||
struct tcphdr tcp; | struct tcphdr tcp; | ||||
struct udphdr udp; | struct udphdr udp; | ||||
struct sctphdr sctp; | |||||
struct icmp icmp; | struct icmp icmp; | ||||
#ifdef INET6 | #ifdef INET6 | ||||
struct icmp6_hdr icmp6; | struct icmp6_hdr icmp6; | ||||
#endif /* INET6 */ | #endif /* INET6 */ | ||||
char any[0]; | char any[0]; | ||||
} hdr; | } hdr; | ||||
struct pf_krule *nat_rule; /* nat/rdr rule applied to packet */ | struct pf_krule *nat_rule; /* nat/rdr rule applied to packet */ | ||||
Show All 13 Lines | |||||
#define PFDESC_TCP_NORM 0x0001 /* TCP shall be statefully scrubbed */ | #define PFDESC_TCP_NORM 0x0001 /* TCP shall be statefully scrubbed */ | ||||
#define PFDESC_IP_REAS 0x0002 /* IP frags would've been reassembled */ | #define PFDESC_IP_REAS 0x0002 /* IP frags would've been reassembled */ | ||||
sa_family_t af; | sa_family_t af; | ||||
u_int8_t proto; | u_int8_t proto; | ||||
u_int8_t tos; | u_int8_t tos; | ||||
u_int8_t dir; /* direction */ | u_int8_t dir; /* direction */ | ||||
u_int8_t sidx; /* key index for source */ | u_int8_t sidx; /* key index for source */ | ||||
u_int8_t didx; /* key index for destination */ | u_int8_t didx; /* key index for destination */ | ||||
#define PFDESC_SCTP_INIT 0x0001 | |||||
#define PFDESC_SCTP_INIT_ACK 0x0002 | |||||
#define PFDESC_SCTP_COOKIE 0x0004 | |||||
#define PFDESC_SCTP_ABORT 0x0008 | |||||
#define PFDESC_SCTP_SHUTDOWN 0x0010 | |||||
#define PFDESC_SCTP_DATA 0x0020 | |||||
#define PFDESC_SCTP_OTHER 0x0040 | |||||
u_int16_t sctp_flags; | |||||
}; | }; | ||||
#endif | #endif | ||||
/* flags for RDR options */ | /* flags for RDR options */ | ||||
#define PF_DPORT_RANGE 0x01 /* Dest port uses range */ | #define PF_DPORT_RANGE 0x01 /* Dest port uses range */ | ||||
#define PF_RPORT_RANGE 0x02 /* RDR'ed port uses range */ | #define PF_RPORT_RANGE 0x02 /* RDR'ed port uses range */ | ||||
/* UDP state enumeration */ | /* UDP state enumeration */ | ||||
▲ Show 20 Lines • Show All 684 Lines • ▼ Show 20 Lines | |||||
int pf_normalize_tcp(int, struct pfi_kkif *, struct mbuf *, int, int, void *, | int pf_normalize_tcp(int, struct pfi_kkif *, struct mbuf *, int, int, void *, | ||||
struct pf_pdesc *); | struct pf_pdesc *); | ||||
void pf_normalize_tcp_cleanup(struct pf_kstate *); | void pf_normalize_tcp_cleanup(struct pf_kstate *); | ||||
int pf_normalize_tcp_init(struct mbuf *, int, struct pf_pdesc *, | int pf_normalize_tcp_init(struct mbuf *, int, struct pf_pdesc *, | ||||
struct tcphdr *, struct pf_state_peer *, struct pf_state_peer *); | struct tcphdr *, struct pf_state_peer *, struct pf_state_peer *); | ||||
int pf_normalize_tcp_stateful(struct mbuf *, int, struct pf_pdesc *, | int pf_normalize_tcp_stateful(struct mbuf *, int, struct pf_pdesc *, | ||||
u_short *, struct tcphdr *, struct pf_kstate *, | u_short *, struct tcphdr *, struct pf_kstate *, | ||||
struct pf_state_peer *, struct pf_state_peer *, int *); | struct pf_state_peer *, struct pf_state_peer *, int *); | ||||
int pf_normalize_sctp(int, struct pfi_kkif *, struct mbuf *, int, | |||||
int, void *, struct pf_pdesc *); | |||||
u_int32_t | u_int32_t | ||||
pf_state_expires(const struct pf_kstate *); | pf_state_expires(const struct pf_kstate *); | ||||
void pf_purge_expired_fragments(void); | void pf_purge_expired_fragments(void); | ||||
void pf_purge_fragments(uint32_t); | void pf_purge_fragments(uint32_t); | ||||
int pf_routable(struct pf_addr *addr, sa_family_t af, struct pfi_kkif *, | int pf_routable(struct pf_addr *addr, sa_family_t af, struct pfi_kkif *, | ||||
int); | int); | ||||
int pf_socket_lookup(int, struct pf_pdesc *, struct mbuf *); | int pf_socket_lookup(int, struct pf_pdesc *, struct mbuf *); | ||||
struct pf_state_key *pf_alloc_state_key(int); | struct pf_state_key *pf_alloc_state_key(int); | ||||
▲ Show 20 Lines • Show All 210 Lines • Show Last 20 Lines |