2 * Copyright (c) 2002-2009 Luigi Rizzo, Universita` di Pisa
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
7 * 1. Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer.
9 * 2. Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the
11 * documentation and/or other materials provided with the distribution.
13 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
14 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
15 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
16 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
17 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
18 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
19 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
20 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
21 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
22 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
28 #ifndef _IPFW2_TABLE_H
29 #define _IPFW2_TABLE_H
32 * Internal constants and data structures used by ipfw tables
33 * not meant to be exported outside the kernel.
38 struct tables_config {
39 struct namedobj_instance *namehash;
40 struct namedobj_instance *valhash;
43 struct table_algo *algo[256];
44 struct table_algo *def_algo[IPFW_TABLE_MAXTYPE + 1];
45 TAILQ_HEAD(op_state_l,op_state) state_list;
47 #define CHAIN_TO_TCFG(chain) ((struct tables_config *)(chain)->tblcfg)
50 table_lookup_t *lookup; /* Lookup function */
51 void *state; /* Lookup radix/other structure */
52 void *xstate; /* eXtended state */
53 u_long data; /* Hints for given func */
56 /* Internal structures for handling sockopt data */
58 uint32_t set; /* table set */
59 uint16_t uidx; /* table index */
60 uint8_t type; /* table type */
62 void *tlvs; /* Pointer to first TLV */
63 int tlen; /* Total TLV size block */
69 struct table_value *pvalue;
70 void *ptv; /* Temporary field to hold obj */
71 uint8_t masklen; /* mask length */
73 uint16_t flags; /* record flags */
74 uint32_t value; /* value index */
76 #define TEI_FLAGS_UPDATE 0x0001 /* Add or update rec if exists */
77 #define TEI_FLAGS_UPDATED 0x0002 /* Entry has been updated */
78 #define TEI_FLAGS_COMPAT 0x0004 /* Called from old ABI */
79 #define TEI_FLAGS_DONTADD 0x0008 /* Do not create new rec */
80 #define TEI_FLAGS_ADDED 0x0010 /* Entry was added */
81 #define TEI_FLAGS_DELETED 0x0020 /* Entry was deleted */
82 #define TEI_FLAGS_LIMIT 0x0040 /* Limit was hit */
83 #define TEI_FLAGS_ERROR 0x0080 /* Unknown request error */
84 #define TEI_FLAGS_NOTFOUND 0x0100 /* Entry was not found */
85 #define TEI_FLAGS_EXISTS 0x0200 /* Entry already exists */
87 typedef int (ta_init)(struct ip_fw_chain *ch, void **ta_state,
88 struct table_info *ti, char *data, uint8_t tflags);
89 typedef void (ta_destroy)(void *ta_state, struct table_info *ti);
90 typedef int (ta_prepare_add)(struct ip_fw_chain *ch, struct tentry_info *tei,
92 typedef int (ta_prepare_del)(struct ip_fw_chain *ch, struct tentry_info *tei,
94 typedef int (ta_add)(void *ta_state, struct table_info *ti,
95 struct tentry_info *tei, void *ta_buf, uint32_t *pnum);
96 typedef int (ta_del)(void *ta_state, struct table_info *ti,
97 struct tentry_info *tei, void *ta_buf, uint32_t *pnum);
98 typedef void (ta_flush_entry)(struct ip_fw_chain *ch, struct tentry_info *tei,
101 typedef int (ta_need_modify)(void *ta_state, struct table_info *ti,
102 uint32_t count, uint64_t *pflags);
103 typedef int (ta_prepare_mod)(void *ta_buf, uint64_t *pflags);
104 typedef int (ta_fill_mod)(void *ta_state, struct table_info *ti,
105 void *ta_buf, uint64_t *pflags);
106 typedef void (ta_modify)(void *ta_state, struct table_info *ti,
107 void *ta_buf, uint64_t pflags);
108 typedef void (ta_flush_mod)(void *ta_buf);
110 typedef void (ta_change_ti)(void *ta_state, struct table_info *ti);
111 typedef void (ta_print_config)(void *ta_state, struct table_info *ti, char *buf,
114 typedef int ta_foreach_f(void *node, void *arg);
115 typedef void ta_foreach(void *ta_state, struct table_info *ti, ta_foreach_f *f,
117 typedef int ta_dump_tentry(void *ta_state, struct table_info *ti, void *e,
118 ipfw_obj_tentry *tent);
119 typedef int ta_find_tentry(void *ta_state, struct table_info *ti,
120 ipfw_obj_tentry *tent);
121 typedef void ta_dump_tinfo(void *ta_state, struct table_info *ti,
122 ipfw_ta_tinfo *tinfo);
123 typedef uint32_t ta_get_count(void *ta_state, struct table_info *ti);
135 ta_prepare_add *prepare_add;
136 ta_prepare_del *prepare_del;
139 ta_flush_entry *flush_entry;
140 ta_find_tentry *find_tentry;
141 ta_need_modify *need_modify;
142 ta_prepare_mod *prepare_mod;
143 ta_fill_mod *fill_mod;
145 ta_flush_mod *flush_mod;
146 ta_change_ti *change_ti;
148 ta_dump_tentry *dump_tentry;
149 ta_print_config *print_config;
150 ta_dump_tinfo *dump_tinfo;
151 ta_get_count *get_count;
153 #define TA_FLAG_DEFAULT 0x01 /* Algo is default for given type */
154 #define TA_FLAG_READONLY 0x02 /* Algo does not support modifications*/
155 #define TA_FLAG_EXTCOUNTER 0x04 /* Algo has external counter available*/
157 int ipfw_add_table_algo(struct ip_fw_chain *ch, struct table_algo *ta,
158 size_t size, int *idx);
159 void ipfw_del_table_algo(struct ip_fw_chain *ch, int idx);
161 void ipfw_table_algo_init(struct ip_fw_chain *chain);
162 void ipfw_table_algo_destroy(struct ip_fw_chain *chain);
164 MALLOC_DECLARE(M_IPFW_TBL);
165 /* Exported to support legacy opcodes */
166 int add_table_entry(struct ip_fw_chain *ch, struct tid_info *ti,
167 struct tentry_info *tei, uint8_t flags, uint32_t count);
168 int del_table_entry(struct ip_fw_chain *ch, struct tid_info *ti,
169 struct tentry_info *tei, uint8_t flags, uint32_t count);
170 int flush_table(struct ip_fw_chain *ch, struct tid_info *ti);
171 void ipfw_import_table_value_legacy(uint32_t value, struct table_value *v);
172 uint32_t ipfw_export_table_value_legacy(struct table_value *v);
173 int ipfw_get_table_size(struct ip_fw_chain *ch, ip_fw3_opheader *op3,
174 struct sockopt_data *sd);
176 /* ipfw_table_value.c functions */
178 struct tableop_state;
179 void ipfw_table_value_init(struct ip_fw_chain *ch, int first);
180 void ipfw_table_value_destroy(struct ip_fw_chain *ch, int last);
181 int ipfw_link_table_values(struct ip_fw_chain *ch, struct tableop_state *ts);
182 void ipfw_garbage_table_values(struct ip_fw_chain *ch, struct table_config *tc,
183 struct tentry_info *tei, uint32_t count, int rollback);
184 void ipfw_import_table_value_v1(ipfw_table_value *iv);
185 void ipfw_export_table_value_v1(struct table_value *v, ipfw_table_value *iv);
186 void ipfw_unref_table_values(struct ip_fw_chain *ch, struct table_config *tc,
187 struct table_algo *ta, void *astate, struct table_info *ti);
188 void rollback_table_values(struct tableop_state *ts);
190 int ipfw_rewrite_table_uidx(struct ip_fw_chain *chain,
191 struct rule_check_info *ci);
192 int ipfw_rewrite_table_kidx(struct ip_fw_chain *chain,
193 struct ip_fw_rule0 *rule);
194 int ipfw_mark_table_kidx(struct ip_fw_chain *chain, struct ip_fw *rule,
196 int ipfw_export_table_ntlv(struct ip_fw_chain *ch, uint16_t kidx,
197 struct sockopt_data *sd);
198 void ipfw_unref_rule_tables(struct ip_fw_chain *chain, struct ip_fw *rule);
200 /* utility functions */
201 int ipfw_check_table_name(char *name);
202 int ipfw_move_tables_sets(struct ip_fw_chain *ch, ipfw_range_tlv *rt,
204 void ipfw_swap_tables_sets(struct ip_fw_chain *ch, uint32_t old_set,
205 uint32_t new_set, int mv);
206 int ipfw_foreach_table_tentry(struct ip_fw_chain *ch, uint16_t kidx,
207 ta_foreach_f f, void *arg);
209 /* internal functions */
210 void tc_ref(struct table_config *tc);
211 void tc_unref(struct table_config *tc);
214 typedef void (op_rollback_f)(void *object, struct op_state *state);
216 TAILQ_ENTRY(op_state) next; /* chain link */
220 struct tableop_state {
221 struct op_state opstate;
222 struct ip_fw_chain *ch;
223 struct table_config *tc;
224 struct table_algo *ta;
225 struct tentry_info *tei;
232 void add_toperation_state(struct ip_fw_chain *ch, struct tableop_state *ts);
233 void del_toperation_state(struct ip_fw_chain *ch, struct tableop_state *ts);
234 void rollback_toperation_state(struct ip_fw_chain *ch, void *object);
236 /* Legacy interfaces */
237 int ipfw_count_table(struct ip_fw_chain *ch, struct tid_info *ti,
239 int ipfw_count_xtable(struct ip_fw_chain *ch, struct tid_info *ti,
241 int ipfw_dump_table_legacy(struct ip_fw_chain *ch, struct tid_info *ti,
246 #endif /* _IPFW2_TABLE_H */