4 * Copyright (C) 2012 by Darren Reed.
6 * See the IPFILTER.LICENCE file for details on licencing.
9 * Id: ip_proxy.h,v 2.31.2.2 2005/03/12 19:33:48 darrenr Exp
12 #ifndef __IP_PROXY_H__
13 #define __IP_PROXY_H__
16 #define SOLARIS (defined(sun) && (defined(__svr4__) || defined(__SVR4)))
19 #if defined(__STDC__) || defined(__GNUC__) || defined(_AIX51)
20 #define SIOCPROXY _IOWR('r', 64, struct ap_control)
22 #define SIOCPROXY _IOWR(r, 64, struct ap_control)
26 #define APR_LABELLEN 16
28 #define AP_SESS_SIZE 53
34 typedef struct ap_tcp {
35 u_short apt_sport; /* source port */
36 u_short apt_dport; /* destination port */
37 short apt_sel[2]; /* {seq,ack}{off,min} set selector */
38 short apt_seqoff[2]; /* sequence # difference */
39 u_32_t apt_seqmin[2]; /* don't change seq-off until after this */
40 short apt_ackoff[2]; /* sequence # difference */
41 u_32_t apt_ackmin[2]; /* don't change seq-off until after this */
42 u_char apt_state[2]; /* connection state */
45 typedef struct ap_udp {
46 u_short apu_sport; /* source port */
47 u_short apu_dport; /* destination port */
50 typedef struct ap_session {
51 struct aproxy *aps_apr;
53 struct ap_tcp apu_tcp;
54 struct ap_udp apu_udp;
56 U_QUAD_T aps_bytes; /* bytes sent */
57 U_QUAD_T aps_pkts; /* packets sent */
58 void *aps_nat; /* pointer back to nat struct */
59 void *aps_data; /* private data */
60 int aps_psiz; /* size of private data */
61 struct ap_session *aps_next;
64 #define aps_sport aps_un.apu_tcp.apt_sport
65 #define aps_dport aps_un.apu_tcp.apt_dport
66 #define aps_sel aps_un.apu_tcp.apt_sel
67 #define aps_seqoff aps_un.apu_tcp.apt_seqoff
68 #define aps_seqmin aps_un.apu_tcp.apt_seqmin
69 #define aps_state aps_un.apu_tcp.apt_state
70 #define aps_ackoff aps_un.apu_tcp.apt_ackoff
71 #define aps_ackmin aps_un.apu_tcp.apt_ackmin
74 typedef struct ap_control {
75 char apc_label[APR_LABELLEN];
76 char apc_config[APR_LABELLEN];
79 * The following fields are upto the proxy's apr_ctl routine to deal
80 * with. When the proxy gets this in kernel space, apc_data will
81 * point to a malloc'd region of memory of apc_dsize bytes. If the
82 * proxy wants to keep that memory, it must set apc_data to NULL
83 * before it returns. It is expected if this happens that it will
84 * take care to free it in apr_fini or otherwise as appropriate.
85 * apc_cmd is provided as a standard place to put simple commands,
86 * with apc_arg being available to put a simple arg.
98 typedef struct aproxy {
99 struct aproxy *apr_next;
100 struct aproxy *apr_parent;
101 char apr_label[APR_LABELLEN]; /* Proxy label # */
102 u_char apr_p; /* protocol */
106 void (* apr_load) __P((void));
107 void (* apr_unload) __P((void));
108 void *(* apr_create) __P((ipf_main_softc_t *));
109 void (* apr_destroy) __P((ipf_main_softc_t *, void *));
110 int (* apr_init) __P((ipf_main_softc_t *, void *));
111 void (* apr_fini) __P((ipf_main_softc_t *, void *));
112 int (* apr_new) __P((void *, fr_info_t *, ap_session_t *,
114 void (* apr_del) __P((ipf_main_softc_t *, ap_session_t *));
115 int (* apr_inpkt) __P((void *, fr_info_t *, ap_session_t *,
117 int (* apr_outpkt) __P((void *, fr_info_t *, ap_session_t *,
119 int (* apr_match) __P((fr_info_t *, ap_session_t *, struct nat *));
120 int (* apr_ctl) __P((ipf_main_softc_t *, void *, ap_ctl_t *));
121 int (* apr_clear) __P((struct aproxy *));
122 int (* apr_flush) __P((struct aproxy *, int));
128 #define APR_ERR(x) ((x) << 16)
129 #define APR_EXIT(x) (((x) >> 16) & 0xffff)
130 #define APR_INC(x) ((x) & 0xffff)
135 * Generic #define's to cover missing things in the kernel
138 # define isdigit(x) ((x) >= '0' && (x) <= '9')
141 # define isupper(x) (((unsigned)(x) >= 'A') && ((unsigned)(x) <= 'Z'))
144 # define islower(x) (((unsigned)(x) >= 'a') && ((unsigned)(x) <= 'z'))
147 # define isalpha(x) (isupper(x) || islower(x))
150 # define toupper(x) (isupper(x) ? (x) : (x) - 'a' + 'A')
153 # define isspace(x) (((x) == ' ') || ((x) == '\r') || ((x) == '\n') || \
154 ((x) == '\t') || ((x) == '\b'))
161 #define FTP_BUFSZ 160
162 #define IPF_FTPBUFSZ 160
164 typedef struct ftpside {
173 char ftps_buf[FTP_BUFSZ];
176 typedef struct ftpinfo {
181 ftpside_t ftp_side[2];
188 typedef u_32_t ipsec_cookie_t[2];
190 typedef struct ipsec_pxy {
191 ipsec_cookie_t ipsc_icookie;
192 ipsec_cookie_t ipsc_rcookie;
195 struct ipstate *ipsc_state;
203 typedef struct ircinfo {
216 * For the DNS "proxy"
218 typedef struct dnsinfo {
219 ipfmutex_t dnsi_lock;
221 char dnsi_buffer[512];
226 * Real audio proxy structure and #defines
228 typedef struct raudio_s {
232 int rap_eos; /* End Of Startup */
241 u_32_t rap_sbf; /* flag to indicate which of the 19 bytes have
249 #define RA_ID_ROBUST 7
252 #define RAP_M_ROBUST 2
254 #define RAP_M_UDP_ROBUST (RAP_M_UDP|RAP_M_ROBUST)
260 typedef struct msnrpcinfo {
264 struct in_addr mri_raddr;
272 #define RPCB_MAXMSG 888
273 #define RPCB_RES_PMAP 0 /* Response contains a v2 port. */
274 #define RPCB_RES_STRING 1 /* " " " v3 (GETADDR) string. */
275 #define RPCB_RES_LIST 2 /* " " " v4 (GETADDRLIST) list. */
276 #define RPCB_MAXREQS 32 /* Arbitrary limit on tracked transactions */
278 #define RPCB_REQMIN 40
279 #define RPCB_REQMAX 888
280 #define RPCB_REPMIN 20
281 #define RPCB_REPMAX 604 /* XXX double check this! */
284 * These macros determine the number of bytes between p and the end of
285 * r->rs_buf relative to l.
287 #define RPCB_BUF_END(r) (char *)((r)->rm_msgbuf + (r)->rm_buflen)
288 #define RPCB_BUF_GEQ(r, p, l) \
289 ((RPCB_BUF_END((r)) > (char *)(p)) && \
290 ((RPCB_BUF_END((r)) - (char *)(p)) >= (l)))
291 #define RPCB_BUF_EQ(r, p, l) \
292 (RPCB_BUF_END((r)) == ((char *)(p) + (l)))
295 * The following correspond to RPC(B) detailed in RFC183[13].
299 #define RPCB_MSG_VERSION 2
300 #define RPCB_PROG 100000
301 #define RPCB_GETPORT 3
302 #define RPCB_GETADDR 3
303 #define RPCB_GETADDRLIST 11
304 #define RPCB_MSG_ACCEPTED 0
305 #define RPCB_MSG_DENIED 1
307 /* BEGIN (Generic XDR structures) */
308 typedef struct xdr_string {
313 typedef struct xdr_auth {
314 /* u_32_t xa_flavor; */
315 xdr_string_t xa_string;
318 typedef struct xdr_uaddr {
324 typedef struct xdr_proto {
329 #define xu_xslen xu_str.xs_len
330 #define xu_xsstr xu_str.xs_str
331 #define xp_xslen xp_str.xs_len
332 #define xp_xsstr xp_str.xs_str
333 /* END (Generic XDR structures) */
335 /* BEGIN (RPC call structures) */
336 typedef struct pmap_args {
337 /* u_32_t pa_prog; */
338 /* u_32_t pa_vers; */
340 /* u_32_t pa_port; */
343 typedef struct rpcb_args {
344 /* u_32_t *ra_prog; */
345 /* u_32_t *ra_vers; */
346 xdr_proto_t ra_netid;
347 xdr_uaddr_t ra_maddr;
348 /* xdr_string_t ra_owner; */
351 typedef struct rpc_call {
352 /* u_32_t rc_rpcvers; */
353 /* u_32_t rc_prog; */
356 xdr_auth_t rc_authcred;
357 xdr_auth_t rc_authverf;
359 pmap_args_t ra_pmapargs;
360 rpcb_args_t ra_rpcbargs;
364 #define rc_pmapargs rpcb_args.ra_pmapargs
365 #define rc_rpcbargs rpcb_args.ra_rpcbargs
366 /* END (RPC call structures) */
368 /* BEGIN (RPC reply structures) */
369 typedef struct rpcb_entry {
370 xdr_uaddr_t re_maddr;
371 xdr_proto_t re_netid;
372 /* u_32_t re_semantics; */
373 xdr_string_t re_family;
374 xdr_proto_t re_proto;
375 u_32_t *re_more; /* 1 == another entry follows */
378 typedef struct rpcb_listp {
379 u_32_t *rl_list; /* 1 == list follows */
381 rpcb_entry_t rl_entries[2]; /* TCP / UDP only */
384 typedef struct rpc_resp {
385 /* u_32_t rr_acceptdeny; */
386 /* Omitted 'message denied' fork; we don't care about rejects. */
387 xdr_auth_t rr_authverf;
388 /* u_32_t *rr_astat; */
391 xdr_uaddr_t resp_getaddr;
392 rpcb_listp_t resp_getaddrlist;
396 #define rr_v2 rpcb_reply.resp_pmap
397 #define rr_v3 rpcb_reply.resp_getaddr
398 #define rr_v4 rpcb_reply.resp_getaddrlist
399 /* END (RPC reply structures) */
401 /* BEGIN (RPC message structure & macros) */
402 typedef struct rpc_msg {
403 char rm_msgbuf[RPCB_MAXMSG]; /* RPCB data buffer */
406 /* u_32_t Call vs Reply */
413 #define rm_call rm_body.rb_call
414 #define rm_resp rm_body.rb_resp
415 /* END (RPC message structure & macros) */
418 * These code paths aren't hot enough to warrant per transaction
421 typedef struct rpcb_xact {
422 struct rpcb_xact *rx_next;
423 struct rpcb_xact **rx_pnext;
424 u_32_t rx_xid; /* RPC transmission ID */
425 u_int rx_type; /* RPCB response type */
426 u_int rx_ref; /* reference count */
427 u_int rx_proto; /* transport protocol (v2 only) */
430 typedef struct rpcb_session {
431 ipfmutex_t rs_rxlock;
432 rpcb_xact_t *rs_rxlist;
436 * For an explanation, please see the following:
437 * RFC1832 - Sections 3.11, 4.4, and 4.5.
439 #define XDRALIGN(x) ((((x) % 4) != 0) ? ((((x) + 3) / 4) * 4) : (x))
441 extern int ipf_proxy_add __P((void *, aproxy_t *));
442 extern int ipf_proxy_check __P((fr_info_t *, struct nat *));
443 extern int ipf_proxy_ctl __P((ipf_main_softc_t *, void *, ap_ctl_t *));
444 extern int ipf_proxy_del __P((aproxy_t *));
445 extern void ipf_proxy_deref __P((aproxy_t *));
446 extern void ipf_proxy_flush __P((void *, int));
447 extern int ipf_proxy_init __P((void));
448 extern int ipf_proxy_ioctl __P((ipf_main_softc_t *, caddr_t, ioctlcmd_t, int, void *));
449 extern aproxy_t *ipf_proxy_lookup __P((void *, u_int, char *));
450 extern int ipf_proxy_match __P((fr_info_t *, struct nat *));
451 extern int ipf_proxy_new __P((fr_info_t *, struct nat *));
452 extern int ipf_proxy_ok __P((fr_info_t *, tcphdr_t *, struct ipnat *));
453 extern void ipf_proxy_free __P((ipf_main_softc_t *, ap_session_t *));
454 extern int ipf_proxy_main_load __P((void));
455 extern int ipf_proxy_main_unload __P((void));
456 extern ipnat_t *ipf_proxy_rule_fwd __P((nat_t *));
457 extern ipnat_t *ipf_proxy_rule_rev __P((nat_t *));
458 extern void *ipf_proxy_soft_create __P((ipf_main_softc_t *));
459 extern void ipf_proxy_soft_destroy __P((ipf_main_softc_t *, void *));
460 extern int ipf_proxy_soft_init __P((ipf_main_softc_t *, void *));
461 extern int ipf_proxy_soft_fini __P((ipf_main_softc_t *, void *));
463 #endif /* __IP_PROXY_H__ */
projects / FreeBSD / releng / 10.2.git / blob