1/* $FreeBSD$ */ 2 3/* 4 * Copyright (C) 2012 by Darren Reed. 5 * 6 * See the IPFILTER.LICENCE file for details on licencing. 7 * 8 * @(#)ip_fil.h 1.35 6/5/96 9 * $Id$ 10 */ 11 12typedef struct ipmon_msg_s { 13 int imm_msglen; 14 char *imm_msg; 15 int imm_dsize; 16 void *imm_data; 17 time_t imm_when; 18 int imm_loglevel; 19} ipmon_msg_t; 20 21typedef void (*ims_destroy_func_t)(void *); 22typedef void *(*ims_dup_func_t)(void *); 23typedef int (*ims_match_func_t)(void *, void *); 24typedef void *(*ims_parse_func_t)(char **); 25typedef void (*ims_print_func_t)(void *); 26typedef int (*ims_store_func_t)(void *, ipmon_msg_t *); 27 28typedef struct ipmon_saver_s { 29 char *ims_name; 30 ims_destroy_func_t ims_destroy; 31 ims_dup_func_t ims_dup; 32 ims_match_func_t ims_match; 33 ims_parse_func_t ims_parse; 34 ims_print_func_t ims_print; 35 ims_store_func_t ims_store; 36} ipmon_saver_t; 37 38typedef struct ipmon_saver_int_s { 39 struct ipmon_saver_int_s *imsi_next; 40 ipmon_saver_t *imsi_stor; 41 void *imsi_handle; 42} ipmon_saver_int_t; 43 44typedef struct ipmon_doing_s { 45 struct ipmon_doing_s *ipmd_next; 46 void *ipmd_token; 47 ipmon_saver_t *ipmd_saver; 48 /* 49 * ipmd_store is "cached" in this structure to avoid a double 50 * deref when doing saves.... 51 */ 52 int (*ipmd_store)(void *, ipmon_msg_t *); 53} ipmon_doing_t; 54 55 56typedef struct ipmon_action { 57 struct ipmon_action *ac_next; 58 int ac_mflag; /* collection of things to compare */ 59 int ac_dflag; /* flags to compliment the doing fields */ 60 int ac_logpri; 61 int ac_direction; 62 char ac_group[FR_GROUPLEN]; 63 char ac_nattag[16]; 64 u_32_t ac_logtag; 65 int ac_type; /* nat/state/ipf */ 66 int ac_proto; 67 int ac_rule; 68 int ac_packet; 69 int ac_second; 70 int ac_result; 71 u_32_t ac_sip; 72 u_32_t ac_smsk; 73 u_32_t ac_dip; 74 u_32_t ac_dmsk; 75 u_short ac_sport; 76 u_short ac_dport; 77 char *ac_iface; 78 /* 79 * used with ac_packet/ac_second 80 */ 81 struct timeval ac_last; 82 int ac_pktcnt; 83 /* 84 * What to do with matches 85 */ 86 ipmon_doing_t *ac_doing; 87} ipmon_action_t; 88 89#define ac_lastsec ac_last.tv_sec 90#define ac_lastusec ac_last.tv_usec 91 92/* 93 * Flags indicating what fields to do matching upon (ac_mflag). 94 */ 95#define IPMAC_DIRECTION 0x0001 96#define IPMAC_DSTIP 0x0002 97#define IPMAC_DSTPORT 0x0004 98#define IPMAC_EVERY 0x0008 99#define IPMAC_GROUP 0x0010 100#define IPMAC_INTERFACE 0x0020 101#define IPMAC_LOGTAG 0x0040 102#define IPMAC_NATTAG 0x0080 103#define IPMAC_PROTOCOL 0x0100 104#define IPMAC_RESULT 0x0200 105#define IPMAC_RULE 0x0400 106#define IPMAC_SRCIP 0x0800 107#define IPMAC_SRCPORT 0x1000 108#define IPMAC_TYPE 0x2000 109#define IPMAC_WITH 0x4000 110 111#define IPMR_BLOCK 1 112#define IPMR_PASS 2 113#define IPMR_NOMATCH 3 114#define IPMR_LOG 4 115 116#define IPMON_SYSLOG 0x001 117#define IPMON_RESOLVE 0x002 118#define IPMON_HEXBODY 0x004 119#define IPMON_HEXHDR 0x010 120#define IPMON_TAIL 0x020 121#define IPMON_VERBOSE 0x040 122#define IPMON_NAT 0x080 123#define IPMON_STATE 0x100 124#define IPMON_FILTER 0x200 125#define IPMON_PORTNUM 0x400 126#define IPMON_LOGALL (IPMON_NAT|IPMON_STATE|IPMON_FILTER) 127#define IPMON_LOGBODY 0x800 128 129#define HOSTNAME_V4(a,b) hostname((a), 4, (u_32_t *)&(b)) 130 131#ifndef LOGFAC 132#define LOGFAC LOG_LOCAL0 133#endif 134 135extern void dump_config __P((void)); 136extern int load_config __P((char *)); 137extern void unload_config __P((void)); 138extern void dumphex __P((FILE *, int, char *, int)); 139extern int check_action __P((char *, char *, int, int)); 140extern char *getword __P((int)); 141extern void *add_doing __P((ipmon_saver_t *)); 142 143