1/* $NetBSD: ip_scan.h,v 1.3 2012/07/22 14:27:51 darrenr Exp $ */
2
3/*
4 * Copyright (C) 2012 by Darren Reed.
5 *
6 * See the IPFILTER.LICENCE file for details on licencing.
7 *
8 * @(#)ip_fil.h 1.35 6/5/96
9 * Id: ip_scan.h,v 1.1.1.2 2012/07/22 13:45:34 darrenr Exp
10 */
11
12#ifndef __IP_SCAN_H__
13#define __IP_SCAN_H__ 1
14
15#ifdef sun
16# include <sys/ioccom.h>
17#endif
18
19#define IPSCAN_NAME "/dev/ipscan"
20#define IPL_SCAN IPSCAN_NAME
21#define ISC_TLEN 16
22
23
24struct fr_info;
25struct frentry;
26struct ip;
27struct ipstate;
28
29
30#if defined(__STDC__) || defined(__GNUC__) || defined(_AIX51)
31# define SIOCADSCA _IOWR('r', 60, struct ipscan *)
32# define SIOCRMSCA _IOWR('r', 61, struct ipscan *)
33# define SIOCGSCST _IOWR('r', 62, struct ipscan *)
34#else
35# define SIOCADSCA _IOWR(r, 60, struct ipscan *)
36# define SIOCRMSCA _IOWR(r, 61, struct ipscan *)
37# define SIOCGSCST _IOWR(r, 62, struct ipscan *)
38#endif
39
40struct action {
41 int act_val; /* what to do */
42 struct in_addr act_ip; /* redirect IP# */
43 u_short act_port; /* redirect port number */
44 int act_else; /* what to do */
45 struct in_addr act_eip; /* redirect IP# */
46 u_short act_eport; /* redirect port number */
47};
48
49
50typedef struct sinfo {
51 char s_txt[ISC_TLEN]; /* text to match */
52 char s_msk[ISC_TLEN]; /* mask of the above to check */
53 int s_len; /* length of server text */
54} sinfo_t;
55
56
57typedef struct ipscan {
58 struct ipscan *ipsc_next;
59 struct ipscan **ipsc_pnext;
60 char ipsc_tag[ISC_TLEN]; /* table entry protocol tag */
61 sinfo_t ipsc_si[2]; /* client/server side information */
62 int ipsc_hits; /* times this has been matched */
63 int ipsc_active; /* # of active matches */
64 int ipsc_fref; /* # of references from filter rules */
65 int ipsc_sref; /* # of references from state entries */
66 struct action ipsc_act;
67} ipscan_t;
68
69
70#define ipsc_cl ipsc_si[0]
71#define ipsc_sl ipsc_si[1]
72#define ipsc_ctxt ipsc_cl.s_txt
73#define ipsc_cmsk ipsc_cl.s_msk
74#define ipsc_clen ipsc_cl.s_len
75#define ipsc_stxt ipsc_sl.s_txt
76#define ipsc_smsk ipsc_sl.s_msk
77#define ipsc_slen ipsc_sl.s_len
78#define ipsc_action ipsc_act.act_val
79#define ipsc_ip ipsc_act.act_ip
80#define ipsc_port ipsc_act.act_port
81#define ipsc_else ipsc_act.act_else
82#define ipsc_eip ipsc_act.act_eip
83#define ipsc_eport ipsc_act.act_eport
84
85#define ISC_A_NONE 0
86#define ISC_A_TRACK 1
87#define ISC_A_CLOSE 2
88#define ISC_A_REDIRECT 3
89
90
91typedef struct ipscanstat {
92 struct ipscan *iscs_list;
93 u_long iscs_acted;
94 u_long iscs_else;
95 int iscs_entries;
96} ipscanstat_t;
97
98
99extern int ipf_scan_ioctl(ipf_main_softc_t *, void *, ioctlcmd_t, int, int, void *);
100extern int ipf_scan_init(void);
101extern int ipf_scan_attachis(struct ipstate *);
102extern int ipf_scan_attachfr(struct frentry *);
103extern int ipf_scan_detachis(struct ipstate *);
104extern int ipf_scan_detachfr(struct frentry *);
105extern int ipf_scan_packet(struct fr_info *, struct ipstate *);
106extern void ipf_scan_unload(ipf_main_softc_t *);
107
108#endif /* __IP_SCAN_H__ */
109