GitHub Repository: freebsd/freebsd-src
Path: blob/main/sys/netpfil/ipfw/ip_fw_table.h
/*-
* Copyright (c) 2002-2009 Luigi Rizzo, Universita` di Pisa
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#ifndef _IPFW2_TABLE_H
#define _IPFW2_TABLE_H
/*
 * Internal constants and data structures used by ipfw tables;
 * not meant to be exported outside the kernel.
 */
#ifdef _KERNEL
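/*
 * Table has the following `type` concepts:
 *
 * `no.type` represents lookup key type (addr, ifp, uid, etc..)
 * vmask represents bitmask of table values which are present at the moment.
 * Special IPFW_VTYPE_LEGACY ( (uint32_t)-1 ) represents old
 * single-value-for-all approach.
 *
 * NOTE(review): `locked` and `limit` are the two fields that express policy
 * (no changes allowed / maximum record count).  This header only stores
 * them; where they are enforced is not visible here -- confirm that the
 * add/delete paths check both before a table is modified.
 */
struct table_config {
	struct named_object	no;	/* named object header; no.type is the lookup key type */
	uint8_t		tflags;		/* type flags */
	uint8_t		locked;		/* 1 if locked from changes */
	uint8_t		linked;		/* 1 if already linked */
	uint8_t		ochanged;	/* used by set swapping */
	uint8_t		vshared;	/* 1 if using shared value array */
	uint8_t		spare[3];	/* unused; presumably padding up to the uint32_t fields */
	uint32_t	count;		/* Number of records */
	uint32_t	limit;		/* Max number of records */
	uint32_t	vmask;		/* bitmask with supported values */
	uint32_t	ocount;		/* used by set swapping */
	uint64_t	gencnt;		/* generation count */
	/*
	 * NOTE(review): fixed 64-byte buffer.  Whatever fills it must bound
	 * the copy to sizeof(tablename) and leave it NUL-terminated; the
	 * write sites are outside this header -- confirm there.
	 */
	char		tablename[64];	/* table name */
	struct table_algo *ta;		/* Callbacks for given algo */
	void		*astate;	/* algorithm state */
	/*
	 * struct table_info is declared here, nested.  In C the tag is still
	 * visible at file scope, which is how the ta_* callback typedefs in
	 * this header can name `struct table_info *`.
	 */
	struct table_info {
		table_lookup_t	*lookup;/* Lookup function */
		void		*state;	/* Lookup radix/other structure */
		void		*xstate;/* eXtended state */
		u_long		data;	/* Hints for given func */
	} ti_copy;	/* data to put to table_info */
	struct namedobj_instance *vi;	/* NOTE(review): purpose not stated here; presumably value-index objects -- confirm */
};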
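/*
 * Table subsystem state hung off a rule chain; CHAIN_TO_TCFG() below
 * recovers it from chain->tblcfg.
 *
 * NOTE(review): algo[] has a fixed 256 slots and def_algo[] has
 * IPFW_TABLE_MAXTYPE + 1.  Any index used on them (an algorithm idx, a
 * table type) has to be range-checked first.  ipfw_add_table_algo() and
 * ipfw_del_table_algo() pass the index as a signed int while
 * struct table_algo stores it as uint32_t, so a negative or oversized
 * value must be rejected before it reaches algo[] -- confirm in the
 * implementation.
 */
struct tables_config {
	struct namedobj_instance	*namehash;	/* presumably table names -> table_config; confirm */
	struct namedobj_instance	*valhash;	/* presumably table value lookup; confirm */
	uint32_t			val_size;
	uint32_t			algo_count;
	struct table_algo		*algo[256];
	struct table_algo		*def_algo[IPFW_TABLE_MAXTYPE + 1];
};
/*
 * Plain cast of chain->tblcfg.  No NULL or type check is performed, so the
 * result is only meaningful once tblcfg has been set up for this chain.
 */
#define	CHAIN_TO_TCFG(chain)	((struct tables_config *)(chain)->tblcfg)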
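/*
 * One table entry as passed between the generic table code and the
 * algorithm callbacks (ta_prepare_add, ta_add, ta_del, ...).
 *
 * NOTE(review): paddr is untyped and carries no length of its own; the
 * key width is implied by the table type/subtype.  masklen is a raw
 * uint8_t, so an algorithm must check it against the key width for its
 * type before using it to build a mask -- confirm in each algorithm.
 */
struct tentry_info {
	void			*paddr;		/* key; layout depends on table type (presumably) */
	struct table_value	*pvalue;	/* value to associate with the key */
	void			*ptv;		/* Temporary field to hold obj */
	uint8_t			masklen;	/* mask length */
	uint8_t			subtype;
	uint16_t		flags;		/* record flags */
	uint32_t		value;		/* value index */
};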
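/*
 * Bits for tentry_info.flags (uint16_t).  Going by the comments, UPDATE,
 * COMPAT and DONTADD describe the request, while the remaining bits report
 * its outcome.
 *
 * NOTE(review): request and result bits share one field.  If any of these
 * bits can arrive from a userland request, the result bits should be
 * cleared on input so a caller cannot pre-set an outcome -- confirm where
 * flags is populated.
 */
#define	TEI_FLAGS_UPDATE	0x0001	/* Add or update rec if exists */
#define	TEI_FLAGS_UPDATED	0x0002	/* Entry has been updated */
#define	TEI_FLAGS_COMPAT	0x0004	/* Called from old ABI */
#define	TEI_FLAGS_DONTADD	0x0008	/* Do not create new rec */
#define	TEI_FLAGS_ADDED		0x0010	/* Entry was added */
#define	TEI_FLAGS_DELETED	0x0020	/* Entry was deleted */
#define	TEI_FLAGS_LIMIT		0x0040	/* Limit was hit */
#define	TEI_FLAGS_ERROR		0x0080	/* Unknown request error */
#define	TEI_FLAGS_NOTFOUND	0x0100	/* Entry was not found */
#define	TEI_FLAGS_EXISTS	0x0200	/* Entry already exists */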
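/*
 * Lifecycle and per-entry callback types of a table algorithm; these are
 * the types of the init/destroy/prepare_add/prepare_del/add/del/flush_entry
 * members of struct table_algo.  Only the signatures are fixed here; what
 * each callback must do is defined by the generic table code and the
 * algorithm implementations, not by this header.
 *
 * NOTE(review): ta_state, ta_buf and tei->paddr are all untyped pointers
 * with no accompanying length.  Each implementation has to know the real
 * layout of what it is handed; presumably ta_buf is ta_buf_size bytes as
 * declared in struct table_algo -- confirm at the call sites.
 */

/*
 * Create algorithm state in *ta_state and fill in *ti.
 * NOTE(review): `data` is a mutable char * with no length; presumably an
 * algorithm option string that may originate from a request -- confirm it
 * is NUL-terminated and validated before parsing.
 */
typedef int (ta_init)(struct ip_fw_chain *ch, void **ta_state,
    struct table_info *ti, char *data, uint8_t tflags);
/* Release the state created by ta_init. */
typedef void (ta_destroy)(void *ta_state, struct table_info *ti);
/* Stage an add of `tei` into `ta_buf`; takes the chain, not the table state. */
typedef int (ta_prepare_add)(struct ip_fw_chain *ch, struct tentry_info *tei,
    void *ta_buf);
/* Stage a delete of `tei` into `ta_buf`; takes the chain, not the table state. */
typedef int (ta_prepare_del)(struct ip_fw_chain *ch, struct tentry_info *tei,
    void *ta_buf);
/* Apply a staged add to the table; *pnum presumably reports the count delta (confirm). */
typedef int (ta_add)(void *ta_state, struct table_info *ti,
    struct tentry_info *tei, void *ta_buf, uint32_t *pnum);
/* Apply a staged delete to the table; *pnum presumably reports the count delta (confirm). */
typedef int (ta_del)(void *ta_state, struct table_info *ti,
    struct tentry_info *tei, void *ta_buf, uint32_t *pnum);
/* Discard whatever the prepare/add/del step left in `ta_buf`. */
typedef void (ta_flush_entry)(struct ip_fw_chain *ch, struct tentry_info *tei,
    void *ta_buf);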
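/*
 * Callback types for modifying an algorithm's state as a whole (the
 * need_modify/prepare_mod/fill_mod/modify/flush_mod members of
 * struct table_algo).  The 64-bit pflags word is passed by pointer to the
 * first three and by value to ta_modify; its encoding is private to each
 * algorithm and is not defined in this header.
 *
 * NOTE(review): `count` is a record count and pflags is opaque, so any
 * size an algorithm derives from them (for example for an allocation made
 * in prepare_mod) should be checked for overflow -- confirm in each
 * algorithm.
 */
typedef int (ta_need_modify)(void *ta_state, struct table_info *ti,
    uint32_t count, uint64_t *pflags);
/* Works on `ta_buf` only; receives no table state. */
typedef int (ta_prepare_mod)(void *ta_buf, uint64_t *pflags);
/* Has both the table state and `ta_buf` available. */
typedef int (ta_fill_mod)(void *ta_state, struct table_info *ti,
    void *ta_buf, uint64_t *pflags);
/* Returns void, so it has no way to report failure to the caller. */
typedef void (ta_modify)(void *ta_state, struct table_info *ti,
    void *ta_buf, uint64_t pflags);
/* Clean up `ta_buf`. */
typedef void (ta_flush_mod)(void *ta_buf);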
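/* Callback handed the algorithm state and a table_info; presumably invoked when `ti` is replaced -- confirm. */
typedef void (ta_change_ti)(void *ta_state, struct table_info *ti);
/*
 * Render the algorithm's configuration as text into `buf`.
 * NOTE(review): the callee gets the capacity in `bufsize`; implementations
 * must not write past it and should leave the result NUL-terminated
 * (e.g. by using snprintf) -- verify each implementation.
 */
typedef void (ta_print_config)(void *ta_state, struct table_info *ti, char *buf,
    size_t bufsize);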
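/*
 * Iteration, export and lookup callback types (the foreach/dump_tentry/
 * find_tentry/dump_tinfo/get_count members of struct table_algo).
 *
 * NOTE(review): ta_dump_tentry and ta_dump_tinfo fill structures whose
 * typedef names (ipfw_obj_tentry, ipfw_ta_tinfo) suggest they are copied
 * out to userland.  If so, implementations should fully initialise the
 * output, padding included, so no kernel memory leaks through it --
 * confirm against the sockopt handlers.
 */

/* Per-node visitor; `node` is an algorithm-private record, `arg` is caller context. */
typedef int ta_foreach_f(void *node, void *arg);
/* Walk the algorithm's records, handing each to `f` together with `arg`. */
typedef void ta_foreach(void *ta_state, struct table_info *ti, ta_foreach_f *f,
    void *arg);
/* Convert algorithm-private record `e` into `tent`. */
typedef int ta_dump_tentry(void *ta_state, struct table_info *ti, void *e,
    ipfw_obj_tentry *tent);
/* Look up the record described by `tent`; presumably fills `tent` on success (confirm). */
typedef int ta_find_tentry(void *ta_state, struct table_info *ti,
    ipfw_obj_tentry *tent);
/* Report algorithm information into `tinfo`. */
typedef void ta_dump_tinfo(void *ta_state, struct table_info *ti,
    ipfw_ta_tinfo *tinfo);
/* Return a 32-bit count kept by the algorithm. */
typedef uint32_t ta_get_count(void *ta_state, struct table_info *ti);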
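/*
 * Descriptor of one table lookup algorithm: identity, limits and the
 * callback table.  Instances are registered with ipfw_add_table_algo().
 *
 * NOTE(review): the members from init to get_count are function pointers
 * called from kernel context.  Which of them may be NULL is not stated in
 * this header (TA_FLAG_READONLY suggests some algorithms omit the
 * modification callbacks), so callers presumably have to check before
 * calling optional ones -- confirm in the generic table code.  Registered
 * descriptors should also stay immutable after registration.
 */
struct table_algo {
	char		name[16];	/* algorithm name; fixed 16 bytes, must stay NUL-terminated */
	uint32_t	idx;		/* presumably the slot in tables_config.algo[]; confirm */
	uint32_t	type;		/* presumably the table (lookup key) type served; confirm */
	uint32_t	refcnt;		/* reference count; NOTE(review): plain uint32_t, locking not visible here */
	uint32_t	flags;		/* TA_FLAG_* bits */
	uint32_t	vlimit;
	size_t		ta_buf_size;	/* presumably the size of the ta_buf handed to callbacks; confirm */
	/* lifecycle */
	ta_init		*init;
	ta_destroy	*destroy;
	/* per-entry add/delete */
	ta_prepare_add	*prepare_add;
	ta_prepare_del	*prepare_del;
	ta_add		*add;
	ta_del		*del;
	ta_flush_entry	*flush_entry;
	ta_find_tentry	*find_tentry;
	/* whole-table modification */
	ta_need_modify	*need_modify;
	ta_prepare_mod	*prepare_mod;
	ta_fill_mod	*fill_mod;
	ta_modify	*modify;
	ta_flush_mod	*flush_mod;
	ta_change_ti	*change_ti;
	/* iteration and export */
	ta_foreach	*foreach;
	ta_dump_tentry	*dump_tentry;
	ta_print_config	*print_config;
	ta_dump_tinfo	*dump_tinfo;
	ta_get_count	*get_count;
};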
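/* Bits for table_algo.flags. */
#define	TA_FLAG_DEFAULT		0x01	/* Algo is default for given type */
#define	TA_FLAG_READONLY	0x02	/* Algo does not support modifications */
#define	TA_FLAG_EXTCOUNTER	0x04	/* Algo has external counter available */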
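/*
 * Algorithm registration.
 *
 * ipfw_add_table_algo() takes a descriptor plus a `size` and returns the
 * assigned index through *idx; ipfw_del_table_algo() takes that index back.
 * NOTE(review): `size` is presumably sizeof(struct table_algo) as seen by
 * the caller, allowing a layout check -- confirm.  The index is a signed
 * int on this interface while table_algo.idx is uint32_t, so
 * ipfw_del_table_algo() should reject values outside the registered range
 * before indexing tables_config.algo[] -- confirm in the implementation.
 */
int ipfw_add_table_algo(struct ip_fw_chain *ch, struct table_algo *ta,
    size_t size, int *idx);
void ipfw_del_table_algo(struct ip_fw_chain *ch, int idx);

/* Set up / tear down the algorithm registry for a chain. */
void ipfw_table_algo_init(struct ip_fw_chain *chain);
void ipfw_table_algo_destroy(struct ip_fw_chain *chain);

/* malloc(9) type declaration for table allocations. */
MALLOC_DECLARE(M_IPFW_TBL);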
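/*
 * Exported to support legacy opcodes.
 *
 * NOTE(review): `tei` is accompanied by `count`, so it presumably points to
 * an array of `count` entries -- confirm.  If so, `count` must match the
 * number of entries actually supplied, since these functions have no other
 * way to learn the array length.
 */
int add_table_entry(struct ip_fw_chain *ch, struct tid_info *ti,
    struct tentry_info *tei, uint8_t flags, uint32_t count);
int del_table_entry(struct ip_fw_chain *ch, struct tid_info *ti,
    struct tentry_info *tei, uint8_t flags, uint32_t count);
int flush_table(struct ip_fw_chain *ch, struct tid_info *ti);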
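/* ipfw_table_value.c functions */
struct table_config;
/* `first` / `last`: presumably set for the first and last chain (vnet) instance; confirm. */
void ipfw_table_value_init(struct ip_fw_chain *ch, int first);
void ipfw_table_value_destroy(struct ip_fw_chain *ch, int last);
/*
 * Link / garbage-collect the values referenced by `count` entries at `tei`.
 * NOTE(review): as with add_table_entry(), `count` is the only bound on the
 * `tei` array; callers must pass the real number of entries.
 */
int ipfw_link_table_values(struct ip_fw_chain *ch, struct table_config *tc,
    struct tentry_info *tei, uint32_t count, uint8_t flags);
void ipfw_garbage_table_values(struct ip_fw_chain *ch, struct table_config *tc,
    struct tentry_info *tei, uint32_t count, int rollback);
/*
 * Convert between the exported ipfw_table_value and the in-kernel
 * struct table_value.
 * NOTE(review): the import side takes a structure that presumably comes
 * from userland; its fields should be treated as untrusted -- confirm.
 */
void ipfw_import_table_value_v1(ipfw_table_value *iv);
void ipfw_export_table_value_v1(struct table_value *v, ipfw_table_value *iv);
void ipfw_unref_table_values(struct ip_fw_chain *ch, struct table_config *tc,
    struct table_algo *ta, void *astate, struct table_info *ti);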
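/*
 * Rule <-> table index handling.  Going by the names, "uidx" is the
 * user-visible table index and "kidx" the kernel one -- confirm.
 *
 * NOTE(review): ipfw_mark_table_kidx() writes into the caller's `bmask`
 * array without receiving its length, so the array must be large enough
 * for the highest kidx a rule can reference -- confirm at the call sites.
 */
int ipfw_rewrite_table_uidx(struct ip_fw_chain *chain,
    struct rule_check_info *ci);
int ipfw_mark_table_kidx(struct ip_fw_chain *chain, struct ip_fw *rule,
    uint32_t *bmask);
/* Export the name TLV of table `kidx` into the sockopt buffer `sd`. */
int ipfw_export_table_ntlv(struct ip_fw_chain *ch, uint32_t kidx,
    struct sockopt_data *sd);
void ipfw_unref_rule_tables(struct ip_fw_chain *chain, struct ip_fw *rule);
struct namedobj_instance *ipfw_get_table_objhash(struct ip_fw_chain *ch);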
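/*
 * utility functions
 *
 * NOTE(review): the set numbers are plain uint32_t here; if they can come
 * from a request (the ipfw_range_tlv argument suggests so), they should be
 * validated against the supported set range before use -- confirm.
 */
int ipfw_move_tables_sets(struct ip_fw_chain *ch, ipfw_range_tlv *rt,
    uint32_t new_set);
void ipfw_swap_tables_sets(struct ip_fw_chain *ch, uint32_t old_set,
    uint32_t new_set, int mv);
/* Run visitor `f` with `arg` over the entries of table `kidx`. */
int ipfw_foreach_table_tentry(struct ip_fw_chain *ch, uint32_t kidx,
    ta_foreach_f f, void *arg);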
#endif /* _KERNEL */
#endif /* _IPFW2_TABLE_H */