Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
freebsd
GitHub Repository: freebsd/freebsd-src
 Path: blob/main/sys/netpfil/pf/pf_nl.h
39481 views
1
/*-

2
 * SPDX-License-Identifier: BSD-2-Clause

3
 *

4
 * Copyright (c) 2023 Alexander V. Chernikov <[email protected]>

5
 * Copyright (c) 2023 Rubicon Communications, LLC (Netgate)

6
 *

7
 * Redistribution and use in source and binary forms, with or without

8
 * modification, are permitted provided that the following conditions

9
 * are met:

10
 * 1. Redistributions of source code must retain the above copyright

11
 *    notice, this list of conditions and the following disclaimer.

12
 * 2. Redistributions in binary form must reproduce the above copyright

13
 *    notice, this list of conditions and the following disclaimer in the

14
 *    documentation and/or other materials provided with the distribution.

15
 *

16
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND

17
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

18
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE

19
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE

20
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL

21
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS

22
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

23
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT

24
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY

25
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF

26
 * SUCH DAMAGE.

27
 *

28
 */

29


30
#ifndef _NETPFIL_PF_PF_NL_H_

31
#define _NETPFIL_PF_PF_NL_H_

32


33
/* Genetlink family */

34
#define PFNL_FAMILY_NAME	"pfctl"

35


36
/* available commands */

37
enum {

38
	PFNL_CMD_UNSPEC = 0,

39
	PFNL_CMD_GETSTATES = 1,

40
	PFNL_CMD_GETCREATORS = 2,

41
	PFNL_CMD_START = 3,

42
	PFNL_CMD_STOP = 4,

43
	PFNL_CMD_ADDRULE = 5,

44
	PFNL_CMD_GETRULES = 6,

45
	PFNL_CMD_GETRULE = 7,

46
	PFNL_CMD_CLRSTATES = 8,

47
	PFNL_CMD_KILLSTATES = 9,

48
	PFNL_CMD_SET_STATUSIF = 10,

49
	PFNL_CMD_GET_STATUS = 11,

50
	PFNL_CMD_CLEAR_STATUS = 12,

51
	PFNL_CMD_NATLOOK = 13,

52
	PFNL_CMD_SET_DEBUG = 14,

53
	PFNL_CMD_SET_TIMEOUT = 15,

54
	PFNL_CMD_GET_TIMEOUT = 16,

55
	PFNL_CMD_SET_LIMIT = 17,

56
	PFNL_CMD_GET_LIMIT = 18,

57
	PFNL_CMD_BEGIN_ADDRS = 19,

58
	PFNL_CMD_ADD_ADDR = 20,

59
	PFNL_CMD_GET_ADDRS = 21,

60
	PFNL_CMD_GET_ADDR = 22,

61
	PFNL_CMD_GET_RULESETS = 23,

62
	PFNL_CMD_GET_RULESET = 24,

63
	PFNL_CMD_GET_SRCNODES = 25,

64
	PFNL_CMD_CLEAR_TABLES = 26,

65
	PFNL_CMD_ADD_TABLE = 27,

66
	PFNL_CMD_DEL_TABLE = 28,

67
	PFNL_CMD_GET_TSTATS = 29,

68
	PFNL_CMD_CLR_TSTATS = 30,

69
	PFNL_CMD_CLR_ADDRS = 31,

70
	PFNL_CMD_TABLE_ADD_ADDR = 32,

71
	PFNL_CMD_TABLE_DEL_ADDR = 33,

72
	__PFNL_CMD_MAX,

73
};

74
#define PFNL_CMD_MAX (__PFNL_CMD_MAX -1)

75


76
enum pfstate_key_type_t {

77
	PF_STK_UNSPEC,

78
	PF_STK_ADDR0		= 1, /* ip */

79
	PF_STK_ADDR1		= 2, /* ip */

80
	PF_STK_PORT0		= 3, /* u16 */

81
	PF_STK_PORT1		= 4, /* u16 */

82
	PF_STK_AF		= 5, /* u8 */

83
	PF_STK_PROTO		= 6, /* u16 */

84
};

85


86
enum pfstate_peer_type_t {

87
	PF_STP_UNSPEC,

88
	PF_STP_PFSS_FLAGS	= 1, /* u16 */

89
	PF_STP_PFSS_TTL		= 2, /* u8 */

90
	PF_STP_SCRUB_FLAG	= 3, /* u8 */

91
	PF_STP_PFSS_TS_MOD	= 4, /* u32 */

92
	PF_STP_SEQLO		= 5, /* u32 */

93
	PF_STP_SEQHI		= 6, /* u32 */

94
	PF_STP_SEQDIFF		= 7, /* u32 */

95
	PF_STP_MAX_WIN		= 8, /* u16 */

96
	PF_STP_MSS		= 9, /* u16 */

97
	PF_STP_STATE		= 10, /* u8 */

98
	PF_STP_WSCALE		= 11, /* u8 */

99
};

100


101
enum pfstate_type_t {

102
	PF_ST_UNSPEC,

103
	PF_ST_ID		= 1, /* u32, state id */

104
	PF_ST_CREATORID		= 2, /* u32, */

105
	PF_ST_IFNAME		= 3, /* string */

106
	PF_ST_ORIG_IFNAME	= 4, /* string */

107
	PF_ST_KEY_WIRE		= 5, /* nested, pfstate_key_type_t */

108
	PF_ST_KEY_STACK		= 6, /* nested, pfstate_key_type_t */

109
	PF_ST_PEER_SRC		= 7, /* nested, pfstate_peer_type_t*/

110
	PF_ST_PEER_DST		= 8, /* nested, pfstate_peer_type_t */

111
	PF_ST_RT_ADDR		= 9, /* ip */

112
	PF_ST_RULE		= 10, /* u32 */

113
	PF_ST_ANCHOR		= 11, /* u32 */

114
	PF_ST_NAT_RULE		= 12, /* u32 */

115
	PF_ST_CREATION		= 13, /* u32 */

116
	PF_ST_EXPIRE		= 14, /* u32 */

117
	PF_ST_PACKETS0		= 15, /* u64 */

118
	PF_ST_PACKETS1		= 16, /* u64 */

119
	PF_ST_BYTES0		= 17, /* u64 */

120
	PF_ST_BYTES1		= 18, /* u64 */

121
	PF_ST_AF		= 19, /* u8 */

122
	PF_ST_PROTO		= 21, /* u8 */

123
	PF_ST_DIRECTION		= 22, /* u8 */

124
	PF_ST_LOG		= 23, /* u8 */

125
	PF_ST_TIMEOUT		= 24, /* u8 */

126
	PF_ST_STATE_FLAGS	= 25, /* u8 */

127
	PF_ST_SYNC_FLAGS	= 26, /* u8 */

128
	PF_ST_UPDATES		= 27, /* u8 */

129
	PF_ST_VERSION		= 28, /* u64 */

130
	PF_ST_FILTER_ADDR	= 29, /* in6_addr */

131
	PF_ST_FILTER_MASK	= 30, /* in6_addr */

132
	PF_ST_RTABLEID		= 31, /* i32 */

133
	PF_ST_MIN_TTL		= 32, /* u8 */

134
	PF_ST_MAX_MSS		= 33, /* u16 */

135
	PF_ST_DNPIPE		= 34, /* u16 */

136
	PF_ST_DNRPIPE		= 35, /* u16 */

137
	PF_ST_RT		= 36, /* u8 */

138
	PF_ST_RT_IFNAME		= 37, /* string */

139
	PF_ST_SRC_NODE_FLAGS	= 38, /* u8 */

140
	PF_ST_RT_AF		= 39, /* u8 */

141
};

142


143
enum pf_addr_type_t {

144
	PF_AT_UNSPEC,

145
	PF_AT_ADDR		= 1, /* in6_addr */

146
	PF_AT_MASK		= 2, /* in6_addr */

147
	PF_AT_IFNAME		= 3, /* string */

148
	PF_AT_TABLENAME		= 4, /* string */

149
	PF_AT_TYPE		= 5, /* u8 */

150
	PF_AT_IFLAGS		= 6, /* u8 */

151
	PF_AT_TBLCNT		= 7, /* u32 */

152
	PF_AT_DYNCNT		= 8, /* u32 */

153
};

154


155
enum pfrule_addr_type_t {

156
	PF_RAT_UNSPEC,

157
	PF_RAT_ADDR		= 1, /* nested, pf_addr_type_t */

158
	PF_RAT_SRC_PORT		= 2, /* u16 */

159
	PF_RAT_DST_PORT		= 3, /* u16 */

160
	PF_RAT_NEG		= 4, /* u8 */

161
	PF_RAT_OP		= 5, /* u8 */

162
};

163


164
enum pf_labels_type_t {

165
	PF_LT_UNSPEC,

166
	PF_LT_LABEL		= 1, /* string */

167
};

168


169
enum pf_mape_portset_type_t

170
{

171
	PF_MET_UNSPEC,

172
	PF_MET_OFFSET		= 1, /* u8 */

173
	PF_MET_PSID_LEN		= 2, /* u8 */

174
	PF_MET_PSID		= 3, /* u16 */

175
};

176


177
enum pf_rpool_type_t

178
{

179
	PF_PT_UNSPEC,

180
	PF_PT_KEY		= 1, /* bytes, sizeof(struct pf_poolhashkey) */

181
	PF_PT_COUNTER		= 2, /* in6_addr */

182
	PF_PT_TBLIDX		= 3, /* u32 */

183
	PF_PT_PROXY_SRC_PORT	= 4, /* u16 */

184
	PF_PT_PROXY_DST_PORT	= 5, /* u16 */

185
	PF_PT_OPTS		= 6, /* u8 */

186
	PF_PT_MAPE		= 7, /* nested, pf_mape_portset_type_t */

187
};

188


189
enum pf_timeout_type_t {

190
	PF_TT_UNSPEC,

191
	PF_TT_TIMEOUT		= 1, /* u32 */

192
};

193


194
enum pf_rule_uid_type_t {

195
	PF_RUT_UNSPEC,

196
	PF_RUT_UID_LOW		= 1, /* u32 */

197
	PF_RUT_UID_HIGH		= 2, /* u32 */

198
	PF_RUT_OP		= 3, /* u8 */

199
};

200


201
enum pf_rule_type_t {

202
	PF_RT_UNSPEC,

203
	PF_RT_SRC		= 1, /* nested, pf_rule_addr_type_t */

204
	PF_RT_DST		= 2, /* nested, pf_rule_addr_type_t */

205
	PF_RT_RIDENTIFIER	= 3, /* u32 */

206
	PF_RT_LABELS		= 4, /* nested, pf_labels_type_t */

207
	PF_RT_IFNAME		= 5, /* string */

208
	PF_RT_QNAME		= 6, /* string */

209
	PF_RT_PQNAME		= 7, /* string */

210
	PF_RT_TAGNAME		= 8, /* string */

211
	PF_RT_MATCH_TAGNAME	= 9, /* string */

212
	PF_RT_OVERLOAD_TBLNAME	= 10, /* string */

213
	PF_RT_RPOOL_RDR		= 11, /* nested, pf_rpool_type_t */

214
	PF_RT_OS_FINGERPRINT	= 12, /* u32 */

215
	PF_RT_RTABLEID		= 13, /* u32 */

216
	PF_RT_TIMEOUT		= 14, /* nested, pf_timeout_type_t */

217
	PF_RT_MAX_STATES	= 15, /* u32 */

218
	PF_RT_MAX_SRC_NODES	= 16, /* u32 */

219
	PF_RT_MAX_SRC_STATES	= 17, /* u32 */

220
	PF_RT_MAX_SRC_CONN_RATE_LIMIT	= 18, /* u32 */

221
	PF_RT_MAX_SRC_CONN_RATE_SECS	= 19, /* u32 */

222
	PF_RT_DNPIPE		= 20, /* u16 */

223
	PF_RT_DNRPIPE		= 21, /* u16 */

224
	PF_RT_DNFLAGS		= 22, /* u32 */

225
	PF_RT_NR		= 23, /* u32 */

226
	PF_RT_PROB		= 24, /* u32 */

227
	PF_RT_CUID		= 25, /* u32 */

228
	PF_RT_CPID		= 26, /* u32 */

229
	PF_RT_RETURN_ICMP	= 27, /* u16 */

230
	PF_RT_RETURN_ICMP6	= 28, /* u16 */

231
	PF_RT_MAX_MSS		= 29, /* u16 */

232
	PF_RT_SCRUB_FLAGS	= 30, /* u16 */

233
	PF_RT_UID		= 31, /* nested, pf_rule_uid_type_t */

234
	PF_RT_GID		= 32, /* nested, pf_rule_uid_type_t */

235
	PF_RT_RULE_FLAG		= 33, /* u32 */

236
	PF_RT_ACTION		= 34, /* u8 */

237
	PF_RT_DIRECTION		= 35, /* u8 */

238
	PF_RT_LOG		= 36, /* u8 */

239
	PF_RT_LOGIF		= 37, /* u8 */

240
	PF_RT_QUICK		= 38, /* u8 */

241
	PF_RT_IF_NOT		= 39, /* u8 */

242
	PF_RT_MATCH_TAG_NOT	= 40, /* u8 */

243
	PF_RT_NATPASS		= 41, /* u8 */

244
	PF_RT_KEEP_STATE	= 42, /* u8 */

245
	PF_RT_AF		= 43, /* u8 */

246
	PF_RT_PROTO		= 44, /* u8 */

247
	PF_RT_TYPE		= 45, /* u8 */

248
	PF_RT_CODE		= 46, /* u8 */

249
	PF_RT_FLAGS		= 47, /* u8 */

250
	PF_RT_FLAGSET		= 48, /* u8 */

251
	PF_RT_MIN_TTL		= 49, /* u8 */

252
	PF_RT_ALLOW_OPTS	= 50, /* u8 */

253
	PF_RT_RT		= 51, /* u8 */

254
	PF_RT_RETURN_TTL	= 52, /* u8 */

255
	PF_RT_TOS		= 53, /* u8 */

256
	PF_RT_SET_TOS		= 54, /* u8 */

257
	PF_RT_ANCHOR_RELATIVE	= 55, /* u8 */

258
	PF_RT_ANCHOR_WILDCARD	= 56, /* u8 */

259
	PF_RT_FLUSH		= 57, /* u8 */

260
	PF_RT_PRIO		= 58, /* u8 */

261
	PF_RT_SET_PRIO		= 59, /* u8 */

262
	PF_RT_SET_PRIO_REPLY	= 60, /* u8 */

263
	PF_RT_DIVERT_ADDRESS	= 61, /* in6_addr */

264
	PF_RT_DIVERT_PORT	= 62, /* u16 */

265
	PF_RT_PACKETS_IN	= 63, /* u64 */

266
	PF_RT_PACKETS_OUT	= 64, /* u64 */

267
	PF_RT_BYTES_IN		= 65, /* u64 */

268
	PF_RT_BYTES_OUT		= 66, /* u64 */

269
	PF_RT_EVALUATIONS	= 67, /* u64 */

270
	PF_RT_TIMESTAMP		= 68, /* u64 */

271
	PF_RT_STATES_CUR	= 69, /* u64 */

272
	PF_RT_STATES_TOTAL	= 70, /* u64 */

273
	PF_RT_SRC_NODES		= 71, /* u64 */

274
	PF_RT_ANCHOR_CALL	= 72, /* string */

275
	PF_RT_RCV_IFNAME	= 73, /* string */

276
	PF_RT_MAX_SRC_CONN	= 74, /* u32 */

277
	PF_RT_RPOOL_NAT		= 75, /* nested, pf_rpool_type_t */

278
	PF_RT_NAF		= 76, /* u8 */

279
	PF_RT_RPOOL_RT		= 77, /* nested, pf_rpool_type_t */

280
	PF_RT_RCV_IFNOT		= 78, /* bool */

281
	PF_RT_SRC_NODES_LIMIT	= 79, /* u64 */

282
	PF_RT_SRC_NODES_NAT	= 80, /* u64 */

283
	PF_RT_SRC_NODES_ROUTE	= 81, /* u64 */

284
	PF_RT_PKTRATE		= 82, /* nested, pf_threshold_type_t */

285
	PF_RT_MAX_PKT_SIZE	= 83, /* u16 */

286
	PF_RT_TYPE_2		= 84, /* u16 */

287
	PF_RT_CODE_2		= 85, /* u16 */

288
	PF_RT_EXPTIME		= 86, /* time_t */

289
};

290


291
enum pf_addrule_type_t {

292
	PF_ART_UNSPEC,

293
	PF_ART_TICKET		= 1, /* u32 */

294
	PF_ART_POOL_TICKET	= 2, /* u32 */

295
	PF_ART_ANCHOR		= 3, /* string */

296
	PF_ART_ANCHOR_CALL	= 4, /* string */

297
	PF_ART_RULE		= 5, /* nested, pfrule_type_t */

298
};

299


300
enum pf_getrules_type_t {

301
	PF_GR_UNSPEC,

302
	PF_GR_ANCHOR		= 1, /* string */

303
	PF_GR_ACTION		= 2, /* u8 */

304
	PF_GR_NR		= 3, /* u32 */

305
	PF_GR_TICKET		= 4, /* u32 */

306
	PF_GR_CLEAR		= 5, /* u8 */

307
};

308


309
enum pf_clear_states_type_t {

310
	PF_CS_UNSPEC,

311
	PF_CS_CMP_ID		= 1, /* u64 */

312
	PF_CS_CMP_CREATORID	= 2, /* u32 */

313
	PF_CS_CMP_DIR		= 3, /* u8 */

314
	PF_CS_AF		= 4, /* u8 */

315
	PF_CS_PROTO		= 5, /* u8 */

316
	PF_CS_SRC		= 6, /* nested, pf_addr_wrap */

317
	PF_CS_DST		= 7, /* nested, pf_addr_wrap */

318
	PF_CS_RT_ADDR		= 8, /* nested, pf_addr_wrap */

319
	PF_CS_IFNAME		= 9, /* string */

320
	PF_CS_LABEL		= 10, /* string */

321
	PF_CS_KILL_MATCH	= 11, /* bool */

322
	PF_CS_NAT		= 12, /* bool */

323
	PF_CS_KILLED		= 13, /* u32 */

324
};

325


326
enum pf_set_statusif_types_t {

327
	PF_SS_UNSPEC,

328
	PF_SS_IFNAME		= 1, /* string */

329
};

330


331
enum pf_counter_types_t {

332
	PF_C_UNSPEC,

333
	PF_C_COUNTER		= 1, /* u64 */

334
	PF_C_NAME		= 2, /* string */

335
	PF_C_ID			= 3, /* u32 */

336
};

337


338
enum pf_get_status_types_t {

339
	PF_GS_UNSPEC,

340
	PF_GS_IFNAME		= 1, /* string */

341
	PF_GS_RUNNING		= 2, /* bool */

342
	PF_GS_SINCE		= 3, /* u32 */

343
	PF_GS_DEBUG		= 4, /* u32 */

344
	PF_GS_HOSTID		= 5, /* u32 */

345
	PF_GS_STATES		= 6, /* u32 */

346
	PF_GS_SRC_NODES		= 7, /* u32 */

347
	PF_GS_REASSEMBLE	= 8, /* u32 */

348
	PF_GS_SYNCOOKIES_ACTIVE	= 9, /* bool */

349
	PF_GS_COUNTERS		= 10, /* nested, */

350
	PF_GS_LCOUNTERS		= 11, /* nested, */

351
	PF_GS_FCOUNTERS		= 12, /* nested, */

352
	PF_GS_SCOUNTERS		= 13, /* nested, */

353
	PF_GS_CHKSUM		= 14, /* byte array */

354
	PF_GS_PCOUNTERS		= 15, /* u64 array */

355
	PF_GS_BCOUNTERS		= 16, /* u64 array */

356
	PF_GS_NCOUNTERS		= 17, /* nested, */

357
	PF_GS_FRAGMENTS		= 18, /* u64, */

358
};

359


360
enum pf_natlook_types_t {

361
	PF_NL_UNSPEC,

362
	PF_NL_AF		= 1, /* u8 */

363
	PF_NL_DIRECTION		= 2, /* u8 */

364
	PF_NL_PROTO		= 3, /* u8 */

365
	PF_NL_SRC_ADDR		= 4, /* in6_addr */

366
	PF_NL_DST_ADDR		= 5, /* in6_addr */

367
	PF_NL_SRC_PORT		= 6, /* u16 */

368
	PF_NL_DST_PORT		= 7, /* u16 */

369
};

370


371
enum pf_set_debug_types_t {

372
	PF_SD_UNSPEC,

373
	PF_SD_LEVEL		= 1, /* u32 */

374
};

375


376
enum pf_timeout_types_t {

377
	PF_TO_UNSPEC,

378
	PF_TO_TIMEOUT		= 1, /* u32 */

379
	PF_TO_SECONDS		= 2, /* u32 */

380
};

381


382
enum pf_limit_types_t {

383
	PF_LI_UNSPEC,

384
	PF_LI_INDEX		= 1, /* u32 */

385
	PF_LI_LIMIT		= 2, /* u32 */

386
};

387


388
enum pf_begin_addrs_types_t {

389
	PF_BA_UNSPEC,

390
	PF_BA_TICKET		= 1, /* u32 */

391
};

392


393
enum pf_pool_addr_types_t {

394
	PF_PA_UNSPEC,

395
	PF_PA_ADDR		= 1, /* nested, pf_addr_wrap */

396
	PF_PA_IFNAME		= 2, /* string */

397
};

398


399
enum pf_add_addr_types_t {

400
	PF_AA_UNSPEC,

401
	PF_AA_ACTION		= 1, /* u32 */

402
	PF_AA_TICKET		= 2, /* u32 */

403
	PF_AA_NR		= 3, /* u32 */

404
	PF_AA_R_NUM		= 4, /* u32 */

405
	PF_AA_R_ACTION		= 5, /* u8 */

406
	PF_AA_R_LAST		= 6, /* u8 */

407
	PF_AA_AF		= 7, /* u8 */

408
	PF_AA_ANCHOR		= 8, /* string */

409
	PF_AA_ADDR		= 9, /* nested, pf_pooladdr */

410
	PF_AA_WHICH		= 10, /* u32 */

411
};

412


413
enum pf_get_rulesets_types_t {

414
	PF_RS_UNSPEC,

415
	PF_RS_PATH		= 1, /* string */

416
	PF_RS_NR		= 2, /* u32 */

417
	PF_RS_NAME		= 3, /* string */

418
};

419


420
enum pf_threshold_types_t {

421
	PF_TH_UNSPEC,

422
	PF_TH_LIMIT		= 1, /* u32 */

423
	PF_TH_SECONDS		= 2, /* u32 */

424
	PF_TH_COUNT		= 3, /* u32 */

425
	PF_TH_LAST		= 4, /* u32 */

426
};

427


428
enum pf_srcnodes_types_t {

429
	PF_SN_UNSPEC,

430
	PF_SN_ADDR		= 1, /* nested, pf_addr */

431
	PF_SN_RADDR		= 2, /* nested, pf_addr */

432
	PF_SN_RULE_NR		= 3, /* u32 */

433
	PF_SN_BYTES_IN		= 4, /* u64 */

434
	PF_SN_BYTES_OUT		= 5, /* u64 */

435
	PF_SN_PACKETS_IN	= 6, /* u64 */

436
	PF_SN_PACKETS_OUT	= 7, /* u64 */

437
	PF_SN_STATES		= 8, /* u32 */

438
	PF_SN_CONNECTIONS	= 9, /* u32 */

439
	PF_SN_AF		= 10, /* u8 */

440
	PF_SN_RULE_TYPE		= 11, /* u8 */

441
	PF_SN_CREATION		= 12, /* u64 */

442
	PF_SN_EXPIRE		= 13, /* u64 */

443
	PF_SN_CONNECTION_RATE	= 14, /* nested, pf_threshold */

444
	PF_SN_RAF		= 15, /* u8 */

445
	PF_SN_NODE_TYPE		= 16, /* u8 */

446
};

447


448
enum pf_tables_t {

449
	PF_T_UNSPEC,

450
	PF_T_ANCHOR		= 1, /* string */

451
	PF_T_NAME		= 2, /* string */

452
	PF_T_TABLE_FLAGS	= 3, /* u32 */

453
	PF_T_FLAGS		= 4, /* u32 */

454
	PF_T_NBR_DELETED	= 5, /* u32 */

455
	PF_T_NBR_ADDED		= 6, /* u32 */

456
};

457


458
enum pf_tstats_t {

459
	PF_TS_UNSPEC,

460
	PF_TS_TABLE		= 1, /* nested, pfr_table */

461
	PF_TS_PACKETS		= 2, /* u64 array */

462
	PF_TS_BYTES		= 3, /* u64 array */

463
	PF_TS_MATCH		= 4, /* u64 */

464
	PF_TS_NOMATCH		= 5, /* u64 */

465
	PF_TS_TZERO		= 6, /* u64 */

466
	PF_TS_CNT		= 7, /* u64 */

467
	PF_TS_REFCNT		= 8, /* u64 array */

468
	PF_TS_NZERO		= 9, /* u64 */

469
};

470


471
enum pfr_addr_t {

472
	PFR_A_UNSPEC,

473
	PFR_A_AF		= 1, /* uint8_t */

474
	PFR_A_NET		= 2, /* uint8_t */

475
	PFR_A_NOT		= 3, /* bool */

476
	PFR_A_ADDR		= 4, /* in6_addr */

477
};

478


479
enum pf_table_addrs_t {

480
	PF_TA_UNSPEC,

481
	PF_TA_TABLE		= 1, /* nested, pf_table_t */

482
	PF_TA_ADDR		= 2, /* nested, pfr_addr_t */

483
	PF_TA_FLAGS		= 3, /* u32 */

484
	PF_TA_NBR_ADDED		= 4, /* u32 */

485
	PF_TA_NBR_DELETED	= 5, /* u32 */

486
};

487


488
#ifdef _KERNEL

489


490
void	pf_nl_register(void);

491
void	pf_nl_unregister(void);

492


493
#endif

494


495
#endif

496


497