Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
freebsd
GitHub Repository: freebsd/freebsd-src
 Path: blob/main/sys/netpfil/ipfw/ip_fw_table.h
39482 views
1
/*-

2
 * Copyright (c) 2002-2009 Luigi Rizzo, Universita` di Pisa

3
 *

4
 * Redistribution and use in source and binary forms, with or without

5
 * modification, are permitted provided that the following conditions

6
 * are met:

7
 * 1. Redistributions of source code must retain the above copyright

8
 *    notice, this list of conditions and the following disclaimer.

9
 * 2. Redistributions in binary form must reproduce the above copyright

10
 *    notice, this list of conditions and the following disclaimer in the

11
 *    documentation and/or other materials provided with the distribution.

12
 *

13
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND

14
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

15
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE

16
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE

17
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL

18
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS

19
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

20
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT

21
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY

22
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF

23
 * SUCH DAMAGE.

24
 */

25


26
#ifndef _IPFW2_TABLE_H

27
#define _IPFW2_TABLE_H

28


29
/*

30
 * Internal constants and data structures used by ipfw tables

31
 * not meant to be exported outside the kernel.

32
 */

33
#ifdef _KERNEL

34


35
struct table_algo;

36
struct tables_config {

37
	struct namedobj_instance	*namehash;

38
	struct namedobj_instance	*valhash;

39
	uint32_t			val_size;

40
	uint32_t			algo_count;

41
	struct table_algo 		*algo[256];

42
	struct table_algo		*def_algo[IPFW_TABLE_MAXTYPE + 1];

43
	TAILQ_HEAD(op_state_l,op_state)	state_list;

44
};

45
#define	CHAIN_TO_TCFG(chain)	((struct tables_config *)(chain)->tblcfg)

46


47
struct table_info {

48
	table_lookup_t	*lookup;	/* Lookup function */

49
	void		*state;		/* Lookup radix/other structure */

50
	void		*xstate;	/* eXtended state */

51
	u_long		data;		/* Hints for given func */

52
};

53


54
struct table_value;

55
struct tentry_info {

56
	void		*paddr;

57
	struct table_value	*pvalue;

58
	void		*ptv;		/* Temporary field to hold obj	*/		

59
	uint8_t		masklen;	/* mask length			*/

60
	uint8_t		subtype;

61
	uint16_t	flags;		/* record flags			*/

62
	uint32_t	value;		/* value index			*/

63
};

64
#define	TEI_FLAGS_UPDATE	0x0001	/* Add or update rec if exists	*/

65
#define	TEI_FLAGS_UPDATED	0x0002	/* Entry has been updated	*/

66
#define	TEI_FLAGS_COMPAT	0x0004	/* Called from old ABI		*/

67
#define	TEI_FLAGS_DONTADD	0x0008	/* Do not create new rec	*/

68
#define	TEI_FLAGS_ADDED		0x0010	/* Entry was added		*/

69
#define	TEI_FLAGS_DELETED	0x0020	/* Entry was deleted		*/

70
#define	TEI_FLAGS_LIMIT		0x0040	/* Limit was hit		*/

71
#define	TEI_FLAGS_ERROR		0x0080	/* Unknown request error	*/

72
#define	TEI_FLAGS_NOTFOUND	0x0100	/* Entry was not found		*/

73
#define	TEI_FLAGS_EXISTS	0x0200	/* Entry already exists		*/

74


75
typedef int (ta_init)(struct ip_fw_chain *ch, void **ta_state,

76
    struct table_info *ti, char *data, uint8_t tflags);

77
typedef void (ta_destroy)(void *ta_state, struct table_info *ti);

78
typedef int (ta_prepare_add)(struct ip_fw_chain *ch, struct tentry_info *tei,

79
    void *ta_buf);

80
typedef int (ta_prepare_del)(struct ip_fw_chain *ch, struct tentry_info *tei,

81
    void *ta_buf);

82
typedef int (ta_add)(void *ta_state, struct table_info *ti,

83
    struct tentry_info *tei, void *ta_buf, uint32_t *pnum);

84
typedef int (ta_del)(void *ta_state, struct table_info *ti,

85
    struct tentry_info *tei, void *ta_buf, uint32_t *pnum);

86
typedef void (ta_flush_entry)(struct ip_fw_chain *ch, struct tentry_info *tei,

87
    void *ta_buf);

88


89
typedef int (ta_need_modify)(void *ta_state, struct table_info *ti,

90
    uint32_t count, uint64_t *pflags);

91
typedef int (ta_prepare_mod)(void *ta_buf, uint64_t *pflags);

92
typedef int (ta_fill_mod)(void *ta_state, struct table_info *ti,

93
    void *ta_buf, uint64_t *pflags);

94
typedef void (ta_modify)(void *ta_state, struct table_info *ti,

95
    void *ta_buf, uint64_t pflags);

96
typedef void (ta_flush_mod)(void *ta_buf);

97


98
typedef void (ta_change_ti)(void *ta_state, struct table_info *ti);

99
typedef void (ta_print_config)(void *ta_state, struct table_info *ti, char *buf,

100
    size_t bufsize);

101


102
typedef int ta_foreach_f(void *node, void *arg);

103
typedef void ta_foreach(void *ta_state, struct table_info *ti, ta_foreach_f *f,

104
  void *arg);

105
typedef int ta_dump_tentry(void *ta_state, struct table_info *ti, void *e,

106
    ipfw_obj_tentry *tent);

107
typedef int ta_find_tentry(void *ta_state, struct table_info *ti,

108
    ipfw_obj_tentry *tent);

109
typedef void ta_dump_tinfo(void *ta_state, struct table_info *ti, 

110
    ipfw_ta_tinfo *tinfo);

111
typedef uint32_t ta_get_count(void *ta_state, struct table_info *ti);

112


113
struct table_algo {

114
	char		name[16];

115
	uint32_t	idx;

116
	uint32_t	type;

117
	uint32_t	refcnt;

118
	uint32_t	flags;

119
	uint32_t	vlimit;

120
	size_t		ta_buf_size;

121
	ta_init		*init;

122
	ta_destroy	*destroy;

123
	ta_prepare_add	*prepare_add;

124
	ta_prepare_del	*prepare_del;

125
	ta_add		*add;

126
	ta_del		*del;

127
	ta_flush_entry	*flush_entry;

128
	ta_find_tentry	*find_tentry;

129
	ta_need_modify	*need_modify;

130
	ta_prepare_mod	*prepare_mod;

131
	ta_fill_mod	*fill_mod;

132
	ta_modify	*modify;

133
	ta_flush_mod	*flush_mod;

134
	ta_change_ti	*change_ti;

135
	ta_foreach	*foreach;

136
	ta_dump_tentry	*dump_tentry;

137
	ta_print_config	*print_config;

138
	ta_dump_tinfo	*dump_tinfo;

139
	ta_get_count	*get_count;

140
};

141
#define	TA_FLAG_DEFAULT		0x01	/* Algo is default for given type */

142
#define	TA_FLAG_READONLY	0x02	/* Algo does not support modifications*/

143
#define	TA_FLAG_EXTCOUNTER	0x04	/* Algo has external counter available*/

144


145
int ipfw_add_table_algo(struct ip_fw_chain *ch, struct table_algo *ta,

146
    size_t size, int *idx);

147
void ipfw_del_table_algo(struct ip_fw_chain *ch, int idx);

148


149
void ipfw_table_algo_init(struct ip_fw_chain *chain);

150
void ipfw_table_algo_destroy(struct ip_fw_chain *chain);

151


152
MALLOC_DECLARE(M_IPFW_TBL);

153
/* Exported to support legacy opcodes */

154
int add_table_entry(struct ip_fw_chain *ch, struct tid_info *ti,

155
    struct tentry_info *tei, uint8_t flags, uint32_t count);

156
int del_table_entry(struct ip_fw_chain *ch, struct tid_info *ti,

157
    struct tentry_info *tei, uint8_t flags, uint32_t count);

158
int flush_table(struct ip_fw_chain *ch, struct tid_info *ti);

159


160
/* ipfw_table_value.c functions */

161
struct table_config;

162
struct tableop_state;

163
void ipfw_table_value_init(struct ip_fw_chain *ch, int first);

164
void ipfw_table_value_destroy(struct ip_fw_chain *ch, int last);

165
int ipfw_link_table_values(struct ip_fw_chain *ch, struct tableop_state *ts,

166
    uint8_t flags);

167
void ipfw_garbage_table_values(struct ip_fw_chain *ch, struct table_config *tc,

168
    struct tentry_info *tei, uint32_t count, int rollback);

169
void ipfw_import_table_value_v1(ipfw_table_value *iv);

170
void ipfw_export_table_value_v1(struct table_value *v, ipfw_table_value *iv);

171
void ipfw_unref_table_values(struct ip_fw_chain *ch, struct table_config *tc,

172
    struct table_algo *ta, void *astate, struct table_info *ti);

173
void rollback_table_values(struct tableop_state *ts);

174


175
int ipfw_rewrite_table_uidx(struct ip_fw_chain *chain,

176
    struct rule_check_info *ci);

177
int ipfw_mark_table_kidx(struct ip_fw_chain *chain, struct ip_fw *rule,

178
    uint32_t *bmask);

179
int ipfw_export_table_ntlv(struct ip_fw_chain *ch, uint32_t kidx,

180
    struct sockopt_data *sd);

181
void ipfw_unref_rule_tables(struct ip_fw_chain *chain, struct ip_fw *rule);

182
struct namedobj_instance *ipfw_get_table_objhash(struct ip_fw_chain *ch);

183


184
/* utility functions  */

185
int ipfw_move_tables_sets(struct ip_fw_chain *ch, ipfw_range_tlv *rt,

186
    uint32_t new_set);

187
void ipfw_swap_tables_sets(struct ip_fw_chain *ch, uint32_t old_set,

188
    uint32_t new_set, int mv);

189
int ipfw_foreach_table_tentry(struct ip_fw_chain *ch, uint32_t kidx,

190
    ta_foreach_f f, void *arg);

191


192
/* internal functions */

193
void tc_ref(struct table_config *tc);

194
void tc_unref(struct table_config *tc);

195


196
struct op_state;

197
typedef void (op_rollback_f)(void *object, struct op_state *state);

198
struct op_state {

199
	TAILQ_ENTRY(op_state)	next;	/* chain link */

200
	op_rollback_f		*func;

201
};

202


203
struct tableop_state {

204
	struct op_state	opstate;

205
	struct ip_fw_chain *ch;

206
	struct table_config *tc;

207
	struct table_algo *ta;

208
	struct tentry_info *tei;

209
	uint32_t count;

210
	uint32_t vmask;

211
	int vshared;

212
	int modified;

213
};

214


215
void add_toperation_state(struct ip_fw_chain *ch, struct tableop_state *ts);

216
void del_toperation_state(struct ip_fw_chain *ch, struct tableop_state *ts);

217
void rollback_toperation_state(struct ip_fw_chain *ch, void *object);

218


219
#endif /* _KERNEL */

220
#endif /* _IPFW2_TABLE_H */

221


222