1145519Sdarrenr/* $FreeBSD$ */ 2145510Sdarrenr 3145510Sdarrenr/* 4145510Sdarrenr * Copyright (C) 1993-2001 by Darren Reed. 5145510Sdarrenr * 6145510Sdarrenr * See the IPFILTER.LICENCE file for details on licencing. 7145510Sdarrenr * 8145510Sdarrenr * @(#)ip_fil.h 1.35 6/5/96 9161357Sguido * $Id: ipmon.h,v 2.8.2.1 2006/03/21 16:13:31 darrenr Exp $ 10145510Sdarrenr */ 11145510Sdarrenr 12145510Sdarrenr 13145510Sdarrenrtypedef struct ipmon_action { 14145510Sdarrenr struct ipmon_action *ac_next; 15145510Sdarrenr int ac_mflag; /* collection of things to compare */ 16145510Sdarrenr int ac_dflag; /* flags to compliment the doing fields */ 17145510Sdarrenr int ac_syslog; /* = 1 to syslog rules. */ 18145510Sdarrenr char *ac_savefile; /* filename to save log records to */ 19145510Sdarrenr FILE *ac_savefp; 20145510Sdarrenr int ac_direction; 21145510Sdarrenr char ac_group[FR_GROUPLEN]; 22145510Sdarrenr char ac_nattag[16]; 23145510Sdarrenr u_32_t ac_logtag; 24145510Sdarrenr int ac_type; /* nat/state/ipf */ 25145510Sdarrenr int ac_proto; 26145510Sdarrenr int ac_rule; 27145510Sdarrenr int ac_packet; 28145510Sdarrenr int ac_second; 29145510Sdarrenr int ac_result; 30145510Sdarrenr u_32_t ac_sip; 31145510Sdarrenr u_32_t ac_smsk; 32145510Sdarrenr u_32_t ac_dip; 33145510Sdarrenr u_32_t ac_dmsk; 34145510Sdarrenr u_short ac_sport; 35145510Sdarrenr u_short ac_dport; 36145510Sdarrenr char *ac_exec; /* execute argument */ 37145510Sdarrenr char *ac_run; /* actual command that gets run */ 38145510Sdarrenr char *ac_iface; 39145510Sdarrenr /* 40145510Sdarrenr * used with ac_packet/ac_second 41145510Sdarrenr */ 42145510Sdarrenr struct timeval ac_last; 43145510Sdarrenr int ac_pktcnt; 44145510Sdarrenr} ipmon_action_t; 45145510Sdarrenr 46145510Sdarrenr#define ac_lastsec ac_last.tv_sec 47145510Sdarrenr#define ac_lastusec ac_last.tv_usec 48145510Sdarrenr 49145510Sdarrenr/* 50145510Sdarrenr * Flags indicating what fields to do matching upon (ac_mflag). 51145510Sdarrenr */ 52145510Sdarrenr#define IPMAC_DIRECTION 0x0001 53145510Sdarrenr#define IPMAC_DSTIP 0x0002 54145510Sdarrenr#define IPMAC_DSTPORT 0x0004 55145510Sdarrenr#define IPMAC_EVERY 0x0008 56145510Sdarrenr#define IPMAC_GROUP 0x0010 57145510Sdarrenr#define IPMAC_INTERFACE 0x0020 58145510Sdarrenr#define IPMAC_LOGTAG 0x0040 59145510Sdarrenr#define IPMAC_NATTAG 0x0080 60145510Sdarrenr#define IPMAC_PROTOCOL 0x0100 61145510Sdarrenr#define IPMAC_RESULT 0x0200 62145510Sdarrenr#define IPMAC_RULE 0x0400 63145510Sdarrenr#define IPMAC_SRCIP 0x0800 64145510Sdarrenr#define IPMAC_SRCPORT 0x1000 65145510Sdarrenr#define IPMAC_TYPE 0x2000 66145510Sdarrenr#define IPMAC_WITH 0x4000 67145510Sdarrenr 68145510Sdarrenr#define IPMR_BLOCK 1 69145510Sdarrenr#define IPMR_PASS 2 70145510Sdarrenr#define IPMR_NOMATCH 3 71145510Sdarrenr#define IPMR_LOG 4 72145510Sdarrenr 73145510Sdarrenr#define IPMDO_SAVERAW 0x0001 74145510Sdarrenr 75145510Sdarrenr#define OPT_SYSLOG 0x001 76145510Sdarrenr#define OPT_RESOLVE 0x002 77145510Sdarrenr#define OPT_HEXBODY 0x004 78145510Sdarrenr#define OPT_VERBOSE 0x008 79145510Sdarrenr#define OPT_HEXHDR 0x010 80145510Sdarrenr#define OPT_TAIL 0x020 81145510Sdarrenr#define OPT_NAT 0x080 82145510Sdarrenr#define OPT_STATE 0x100 83145510Sdarrenr#define OPT_FILTER 0x200 84145510Sdarrenr#define OPT_PORTNUM 0x400 85145510Sdarrenr#define OPT_LOGALL (OPT_NAT|OPT_STATE|OPT_FILTER) 86145510Sdarrenr 87145510Sdarrenr#define HOSTNAME_V4(a,b) hostname((a), 4, (u_32_t *)&(b)) 88145510Sdarrenr 89145510Sdarrenr#ifndef LOGFAC 90145510Sdarrenr#define LOGFAC LOG_LOCAL0 91145510Sdarrenr#endif 92145510Sdarrenr 93145510Sdarrenrextern int load_config __P((char *)); 94145510Sdarrenrextern void dumphex __P((FILE *, int, char *, int)); 95145510Sdarrenrextern int check_action __P((char *, char *, int, int)); 96145510Sdarrenrextern char *getword __P((int)); 97161357Sguidoextern int fac_findname __P((char *)); 98