Page MenuHomeFreeBSD
Differential D29644 Diff 87031 sbin/pfctl/pfctl_parser.h

Changeset View

Standalone View

View Options

sbin/pfctl/pfctl_parser.h

Show All 30 Lines
* POSSIBILITY OF SUCH DAMAGE. * POSSIBILITY OF SUCH DAMAGE.
* *
* $FreeBSD$ * $FreeBSD$
*/ */
#ifndef _PFCTL_PARSER_H_ #ifndef _PFCTL_PARSER_H_
#define _PFCTL_PARSER_H_ #define _PFCTL_PARSER_H_
#include <libpfctl.h>
#define PF_OSFP_FILE "/etc/pf.os" #define PF_OSFP_FILE "/etc/pf.os"
#define PF_OPT_DISABLE 0x0001 #define PF_OPT_DISABLE 0x0001
#define PF_OPT_ENABLE 0x0002 #define PF_OPT_ENABLE 0x0002
#define PF_OPT_VERBOSE 0x0004 #define PF_OPT_VERBOSE 0x0004
#define PF_OPT_NOACTION 0x0008 #define PF_OPT_NOACTION 0x0008
#define PF_OPT_QUIET 0x0010 #define PF_OPT_QUIET 0x0010
#define PF_OPT_CLRRULECTRS 0x0020 #define PF_OPT_CLRRULECTRS 0x0020
Show All 30 Linesstruct pfctl {
int opts; int opts;
int optimize; int optimize;
int loadopt; int loadopt;
int asd; /* anchor stack depth */ int asd; /* anchor stack depth */
int bn; /* brace number */ int bn; /* brace number */
int brace; int brace;
int tdirty; /* kernel dirty */ int tdirty; /* kernel dirty */
#define PFCTL_ANCHOR_STACK_DEPTH 64 #define PFCTL_ANCHOR_STACK_DEPTH 64
struct pf_anchor *astack[PFCTL_ANCHOR_STACK_DEPTH]; struct pfctl_anchor *astack[PFCTL_ANCHOR_STACK_DEPTH];
struct pfioc_pooladdr paddr; struct pfioc_pooladdr paddr;
struct pfioc_altq *paltq; struct pfioc_altq *paltq;
struct pfioc_queue *pqueue; struct pfioc_queue *pqueue;
struct pfr_buffer *trans; struct pfr_buffer *trans;
struct pf_anchor *anchor, *alast; struct pfctl_anchor *anchor, *alast;
const char *ruleset; const char *ruleset;
/* 'set foo' options */ /* 'set foo' options */
u_int32_t timeout[PFTM_MAX]; u_int32_t timeout[PFTM_MAX];
u_int32_t limit[PF_LIMIT_MAX]; u_int32_t limit[PF_LIMIT_MAX];
u_int32_t debug; u_int32_t debug;
u_int32_t hostid; u_int32_t hostid;
char *ifname; char *ifname;
▲ Show 20 LinesShow All 135 Lines▼ Show 20 Linesstruct pf_opt_tbl {
int pt_generated; int pt_generated;
struct node_tinithead pt_nodes; struct node_tinithead pt_nodes;
struct pfr_buffer *pt_buf; struct pfr_buffer *pt_buf;
}; };
#define PF_OPT_TABLE_PREFIX "__automatic_" #define PF_OPT_TABLE_PREFIX "__automatic_"
/* optimizer pf_rule container */ /* optimizer pf_rule container */
struct pf_opt_rule { struct pf_opt_rule {
struct pf_rule por_rule; struct pfctl_rule por_rule;
struct pf_opt_tbl *por_src_tbl; struct pf_opt_tbl *por_src_tbl;
struct pf_opt_tbl *por_dst_tbl; struct pf_opt_tbl *por_dst_tbl;
u_int64_t por_profile_count; u_int64_t por_profile_count;
TAILQ_ENTRY(pf_opt_rule) por_entry; TAILQ_ENTRY(pf_opt_rule) por_entry;
TAILQ_ENTRY(pf_opt_rule) por_skip_entry[PF_SKIP_COUNT]; TAILQ_ENTRY(pf_opt_rule) por_skip_entry[PF_SKIP_COUNT];
}; };
TAILQ_HEAD(pf_opt_queue, pf_opt_rule); TAILQ_HEAD(pf_opt_queue, pf_opt_rule);
int pfctl_rules(int, char *, int, int, char *, struct pfr_buffer *); int pfctl_rules(int, char *, int, int, char *, struct pfr_buffer *);
int pfctl_optimize_ruleset(struct pfctl *, struct pf_ruleset *); int pfctl_optimize_ruleset(struct pfctl *, struct pfctl_ruleset *);
int pfctl_add_rule(struct pfctl *, struct pf_rule *, const char *); int pfctl_add_rule(struct pfctl *, struct pfctl_rule *, const char *);
int pfctl_add_altq(struct pfctl *, struct pf_altq *); int pfctl_add_altq(struct pfctl *, struct pf_altq *);
int pfctl_add_pool(struct pfctl *, struct pf_pool *, sa_family_t); int pfctl_add_pool(struct pfctl *, struct pf_pool *, sa_family_t);
void pfctl_move_pool(struct pf_pool *, struct pf_pool *); void pfctl_move_pool(struct pf_pool *, struct pf_pool *);
void pfctl_clear_pool(struct pf_pool *); void pfctl_clear_pool(struct pf_pool *);
int pfctl_set_timeout(struct pfctl *, const char *, int, int); int pfctl_set_timeout(struct pfctl *, const char *, int, int);
int pfctl_set_optimization(struct pfctl *, const char *); int pfctl_set_optimization(struct pfctl *, const char *);
int pfctl_set_limit(struct pfctl *, const char *, unsigned int); int pfctl_set_limit(struct pfctl *, const char *, unsigned int);
int pfctl_set_logif(struct pfctl *, char *); int pfctl_set_logif(struct pfctl *, char *);
int pfctl_set_hostid(struct pfctl *, u_int32_t); int pfctl_set_hostid(struct pfctl *, u_int32_t);
int pfctl_set_debug(struct pfctl *, char *); int pfctl_set_debug(struct pfctl *, char *);
int pfctl_set_interface_flags(struct pfctl *, char *, int, int); int pfctl_set_interface_flags(struct pfctl *, char *, int, int);
int parse_config(char *, struct pfctl *); int parse_config(char *, struct pfctl *);
int parse_flags(char *); int parse_flags(char *);
int pfctl_load_anchors(int, struct pfctl *, struct pfr_buffer *); int pfctl_load_anchors(int, struct pfctl *, struct pfr_buffer *);
void print_pool(struct pf_pool *, u_int16_t, u_int16_t, sa_family_t, int); void print_pool(struct pf_pool *, u_int16_t, u_int16_t, sa_family_t, int);
void print_src_node(struct pf_src_node *, int); void print_src_node(struct pf_src_node *, int);
void print_rule(struct pf_rule *, const char *, int, int); void print_rule(struct pfctl_rule *, const char *, int, int);
void print_tabledef(const char *, int, int, struct node_tinithead *); void print_tabledef(const char *, int, int, struct node_tinithead *);
void print_status(struct pf_status *, int); void print_status(struct pf_status *, int);
void print_running(struct pf_status *); void print_running(struct pf_status *);
int eval_pfaltq(struct pfctl *, struct pf_altq *, struct node_queue_bw *, int eval_pfaltq(struct pfctl *, struct pf_altq *, struct node_queue_bw *,
struct node_queue_opt *); struct node_queue_opt *);
int eval_pfqueue(struct pfctl *, struct pf_altq *, struct node_queue_bw *, int eval_pfqueue(struct pfctl *, struct pf_altq *, struct node_queue_bw *,
struct node_queue_opt *); struct node_queue_opt *);
▲ Show 20 LinesShow All 61 LinesShow Last 20 Lines