Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
freebsd
GitHub Repository: freebsd/freebsd-src
 Path: blob/main/sys/netpfil/pf/pf_nl.h
107278 views
1
/*-

2
 * SPDX-License-Identifier: BSD-2-Clause

3
 *

4
 * Copyright (c) 2023 Alexander V. Chernikov <[email protected]>

5
 * Copyright (c) 2023 Rubicon Communications, LLC (Netgate)

6
 *

7
 * Redistribution and use in source and binary forms, with or without

8
 * modification, are permitted provided that the following conditions

9
 * are met:

10
 * 1. Redistributions of source code must retain the above copyright

11
 *    notice, this list of conditions and the following disclaimer.

12
 * 2. Redistributions in binary form must reproduce the above copyright

13
 *    notice, this list of conditions and the following disclaimer in the

14
 *    documentation and/or other materials provided with the distribution.

15
 *

16
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND

17
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

18
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE

19
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE

20
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL

21
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS

22
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

23
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT

24
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY

25
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF

26
 * SUCH DAMAGE.

27
 *

28
 */

29


30
#ifndef _NETPFIL_PF_PF_NL_H_

31
#define _NETPFIL_PF_PF_NL_H_

32


33
/* Genetlink family */

34
#define PFNL_FAMILY_NAME	"pfctl"

35


36
/* available commands */

37
enum {

38
	PFNL_CMD_UNSPEC = 0,

39
	PFNL_CMD_GETSTATES = 1,

40
	PFNL_CMD_GETCREATORS = 2,

41
	PFNL_CMD_START = 3,

42
	PFNL_CMD_STOP = 4,

43
	PFNL_CMD_ADDRULE = 5,

44
	PFNL_CMD_GETRULES = 6,

45
	PFNL_CMD_GETRULE = 7,

46
	PFNL_CMD_CLRSTATES = 8,

47
	PFNL_CMD_KILLSTATES = 9,

48
	PFNL_CMD_SET_STATUSIF = 10,

49
	PFNL_CMD_GET_STATUS = 11,

50
	PFNL_CMD_CLEAR_STATUS = 12,

51
	PFNL_CMD_NATLOOK = 13,

52
	PFNL_CMD_SET_DEBUG = 14,

53
	PFNL_CMD_SET_TIMEOUT = 15,

54
	PFNL_CMD_GET_TIMEOUT = 16,

55
	PFNL_CMD_SET_LIMIT = 17,

56
	PFNL_CMD_GET_LIMIT = 18,

57
	PFNL_CMD_BEGIN_ADDRS = 19,

58
	PFNL_CMD_ADD_ADDR = 20,

59
	PFNL_CMD_GET_ADDRS = 21,

60
	PFNL_CMD_GET_ADDR = 22,

61
	PFNL_CMD_GET_RULESETS = 23,

62
	PFNL_CMD_GET_RULESET = 24,

63
	PFNL_CMD_GET_SRCNODES = 25,

64
	PFNL_CMD_CLEAR_TABLES = 26,

65
	PFNL_CMD_ADD_TABLE = 27,

66
	PFNL_CMD_DEL_TABLE = 28,

67
	PFNL_CMD_GET_TSTATS = 29,

68
	PFNL_CMD_CLR_TSTATS = 30,

69
	PFNL_CMD_CLR_ADDRS = 31,

70
	PFNL_CMD_TABLE_ADD_ADDR = 32,

71
	PFNL_CMD_TABLE_DEL_ADDR = 33,

72
	PFNL_CMD_TABLE_SET_ADDR = 34,

73
	PFNL_CMD_TABLE_GET_ADDR = 35,

74
	PFNL_CMD_TABLE_GET_ASTATS = 36,

75
	PFNL_CMD_TABLE_CLEAR_ASTATS = 37,

76
	PFNL_CMD_STATE_LIMITER_ADD = 38,

77
	PFNL_CMD_STATE_LIMITER_GET = 39,

78
	PFNL_CMD_STATE_LIMITER_NGET = 40,

79
	PFNL_CMD_SOURCE_LIMITER_ADD = 41,

80
	PFNL_CMD_SOURCE_LIMITER_GET = 42,

81
	PFNL_CMD_SOURCE_LIMITER_NGET = 43,

82
	PFNL_CMD_SOURCE_GET = 44,

83
	PFNL_CMD_SOURCE_NGET = 45,

84
	PFNL_CMD_SOURCE_CLEAR = 46,

85
	PFNL_CMD_TABLE_TEST_ADDRS = 47,

86
	__PFNL_CMD_MAX,

87
};

88
#define PFNL_CMD_MAX (__PFNL_CMD_MAX -1)

89


90
enum pfstate_key_type_t {

91
	PF_STK_UNSPEC,

92
	PF_STK_ADDR0		= 1, /* ip */

93
	PF_STK_ADDR1		= 2, /* ip */

94
	PF_STK_PORT0		= 3, /* u16 */

95
	PF_STK_PORT1		= 4, /* u16 */

96
	PF_STK_AF		= 5, /* u8 */

97
	PF_STK_PROTO		= 6, /* u16 */

98
};

99


100
enum pfstate_peer_type_t {

101
	PF_STP_UNSPEC,

102
	PF_STP_PFSS_FLAGS	= 1, /* u16 */

103
	PF_STP_PFSS_TTL		= 2, /* u8 */

104
	PF_STP_SCRUB_FLAG	= 3, /* u8 */

105
	PF_STP_PFSS_TS_MOD	= 4, /* u32 */

106
	PF_STP_SEQLO		= 5, /* u32 */

107
	PF_STP_SEQHI		= 6, /* u32 */

108
	PF_STP_SEQDIFF		= 7, /* u32 */

109
	PF_STP_MAX_WIN		= 8, /* u16 */

110
	PF_STP_MSS		= 9, /* u16 */

111
	PF_STP_STATE		= 10, /* u8 */

112
	PF_STP_WSCALE		= 11, /* u8 */

113
};

114


115
enum pfstate_type_t {

116
	PF_ST_UNSPEC,

117
	PF_ST_ID		= 1, /* u32, state id */

118
	PF_ST_CREATORID		= 2, /* u32, */

119
	PF_ST_IFNAME		= 3, /* string */

120
	PF_ST_ORIG_IFNAME	= 4, /* string */

121
	PF_ST_KEY_WIRE		= 5, /* nested, pfstate_key_type_t */

122
	PF_ST_KEY_STACK		= 6, /* nested, pfstate_key_type_t */

123
	PF_ST_PEER_SRC		= 7, /* nested, pfstate_peer_type_t*/

124
	PF_ST_PEER_DST		= 8, /* nested, pfstate_peer_type_t */

125
	PF_ST_RT_ADDR		= 9, /* ip */

126
	PF_ST_RULE		= 10, /* u32 */

127
	PF_ST_ANCHOR		= 11, /* u32 */

128
	PF_ST_NAT_RULE		= 12, /* u32 */

129
	PF_ST_CREATION		= 13, /* u32 */

130
	PF_ST_EXPIRE		= 14, /* u32 */

131
	PF_ST_PACKETS0		= 15, /* u64 */

132
	PF_ST_PACKETS1		= 16, /* u64 */

133
	PF_ST_BYTES0		= 17, /* u64 */

134
	PF_ST_BYTES1		= 18, /* u64 */

135
	PF_ST_AF		= 19, /* u8 */

136
	PF_ST_PROTO		= 21, /* u8 */

137
	PF_ST_DIRECTION		= 22, /* u8 */

138
	PF_ST_LOG		= 23, /* u8 */

139
	PF_ST_TIMEOUT		= 24, /* u8 */

140
	PF_ST_STATE_FLAGS	= 25, /* u8 */

141
	PF_ST_SYNC_FLAGS	= 26, /* u8 */

142
	PF_ST_UPDATES		= 27, /* u8 */

143
	PF_ST_VERSION		= 28, /* u64 */

144
	PF_ST_FILTER_ADDR	= 29, /* in6_addr */

145
	PF_ST_FILTER_MASK	= 30, /* in6_addr */

146
	PF_ST_RTABLEID		= 31, /* i32 */

147
	PF_ST_MIN_TTL		= 32, /* u8 */

148
	PF_ST_MAX_MSS		= 33, /* u16 */

149
	PF_ST_DNPIPE		= 34, /* u16 */

150
	PF_ST_DNRPIPE		= 35, /* u16 */

151
	PF_ST_RT		= 36, /* u8 */

152
	PF_ST_RT_IFNAME		= 37, /* string */

153
	PF_ST_SRC_NODE_FLAGS	= 38, /* u8 */

154
	PF_ST_RT_AF		= 39, /* u8 */

155
};

156


157
enum pf_addr_type_t {

158
	PF_AT_UNSPEC,

159
	PF_AT_ADDR		= 1, /* in6_addr */

160
	PF_AT_MASK		= 2, /* in6_addr */

161
	PF_AT_IFNAME		= 3, /* string */

162
	PF_AT_TABLENAME		= 4, /* string */

163
	PF_AT_TYPE		= 5, /* u8 */

164
	PF_AT_IFLAGS		= 6, /* u8 */

165
	PF_AT_TBLCNT		= 7, /* u32 */

166
	PF_AT_DYNCNT		= 8, /* u32 */

167
};

168


169
enum pfrule_addr_type_t {

170
	PF_RAT_UNSPEC,

171
	PF_RAT_ADDR		= 1, /* nested, pf_addr_type_t */

172
	PF_RAT_SRC_PORT		= 2, /* u16 */

173
	PF_RAT_DST_PORT		= 3, /* u16 */

174
	PF_RAT_NEG		= 4, /* u8 */

175
	PF_RAT_OP		= 5, /* u8 */

176
};

177


178
enum pf_labels_type_t {

179
	PF_LT_UNSPEC,

180
	PF_LT_LABEL		= 1, /* string */

181
};

182


183
enum pf_mape_portset_type_t

184
{

185
	PF_MET_UNSPEC,

186
	PF_MET_OFFSET		= 1, /* u8 */

187
	PF_MET_PSID_LEN		= 2, /* u8 */

188
	PF_MET_PSID		= 3, /* u16 */

189
};

190


191
enum pf_rpool_type_t

192
{

193
	PF_PT_UNSPEC,

194
	PF_PT_KEY		= 1, /* bytes, sizeof(struct pf_poolhashkey) */

195
	PF_PT_COUNTER		= 2, /* in6_addr */

196
	PF_PT_TBLIDX		= 3, /* u32 */

197
	PF_PT_PROXY_SRC_PORT	= 4, /* u16 */

198
	PF_PT_PROXY_DST_PORT	= 5, /* u16 */

199
	PF_PT_OPTS		= 6, /* u8 */

200
	PF_PT_MAPE		= 7, /* nested, pf_mape_portset_type_t */

201
};

202


203
enum pf_timeout_type_t {

204
	PF_TT_UNSPEC,

205
	PF_TT_TIMEOUT		= 1, /* u32 */

206
};

207


208
enum pf_rule_uid_type_t {

209
	PF_RUT_UNSPEC,

210
	PF_RUT_UID_LOW		= 1, /* u32 */

211
	PF_RUT_UID_HIGH		= 2, /* u32 */

212
	PF_RUT_OP		= 3, /* u8 */

213
};

214


215
enum pf_rule_type_t {

216
	PF_RT_UNSPEC,

217
	PF_RT_SRC		= 1, /* nested, pf_rule_addr_type_t */

218
	PF_RT_DST		= 2, /* nested, pf_rule_addr_type_t */

219
	PF_RT_RIDENTIFIER	= 3, /* u32 */

220
	PF_RT_LABELS		= 4, /* nested, pf_labels_type_t */

221
	PF_RT_IFNAME		= 5, /* string */

222
	PF_RT_QNAME		= 6, /* string */

223
	PF_RT_PQNAME		= 7, /* string */

224
	PF_RT_TAGNAME		= 8, /* string */

225
	PF_RT_MATCH_TAGNAME	= 9, /* string */

226
	PF_RT_OVERLOAD_TBLNAME	= 10, /* string */

227
	PF_RT_RPOOL_RDR		= 11, /* nested, pf_rpool_type_t */

228
	PF_RT_OS_FINGERPRINT	= 12, /* u32 */

229
	PF_RT_RTABLEID		= 13, /* u32 */

230
	PF_RT_TIMEOUT		= 14, /* nested, pf_timeout_type_t */

231
	PF_RT_MAX_STATES	= 15, /* u32 */

232
	PF_RT_MAX_SRC_NODES	= 16, /* u32 */

233
	PF_RT_MAX_SRC_STATES	= 17, /* u32 */

234
	PF_RT_MAX_SRC_CONN_RATE_LIMIT	= 18, /* u32 */

235
	PF_RT_MAX_SRC_CONN_RATE_SECS	= 19, /* u32 */

236
	PF_RT_DNPIPE		= 20, /* u16 */

237
	PF_RT_DNRPIPE		= 21, /* u16 */

238
	PF_RT_DNFLAGS		= 22, /* u32 */

239
	PF_RT_NR		= 23, /* u32 */

240
	PF_RT_PROB		= 24, /* u32 */

241
	PF_RT_CUID		= 25, /* u32 */

242
	PF_RT_CPID		= 26, /* u32 */

243
	PF_RT_RETURN_ICMP	= 27, /* u16 */

244
	PF_RT_RETURN_ICMP6	= 28, /* u16 */

245
	PF_RT_MAX_MSS		= 29, /* u16 */

246
	PF_RT_SCRUB_FLAGS	= 30, /* u16 */

247
	PF_RT_UID		= 31, /* nested, pf_rule_uid_type_t */

248
	PF_RT_GID		= 32, /* nested, pf_rule_uid_type_t */

249
	PF_RT_RULE_FLAG		= 33, /* u32 */

250
	PF_RT_ACTION		= 34, /* u8 */

251
	PF_RT_DIRECTION		= 35, /* u8 */

252
	PF_RT_LOG		= 36, /* u8 */

253
	PF_RT_LOGIF		= 37, /* u8 */

254
	PF_RT_QUICK		= 38, /* u8 */

255
	PF_RT_IF_NOT		= 39, /* u8 */

256
	PF_RT_MATCH_TAG_NOT	= 40, /* u8 */

257
	PF_RT_NATPASS		= 41, /* u8 */

258
	PF_RT_KEEP_STATE	= 42, /* u8 */

259
	PF_RT_AF		= 43, /* u8 */

260
	PF_RT_PROTO		= 44, /* u8 */

261
	PF_RT_TYPE		= 45, /* u8 */

262
	PF_RT_CODE		= 46, /* u8 */

263
	PF_RT_FLAGS		= 47, /* u8 */

264
	PF_RT_FLAGSET		= 48, /* u8 */

265
	PF_RT_MIN_TTL		= 49, /* u8 */

266
	PF_RT_ALLOW_OPTS	= 50, /* u8 */

267
	PF_RT_RT		= 51, /* u8 */

268
	PF_RT_RETURN_TTL	= 52, /* u8 */

269
	PF_RT_TOS		= 53, /* u8 */

270
	PF_RT_SET_TOS		= 54, /* u8 */

271
	PF_RT_ANCHOR_RELATIVE	= 55, /* u8 */

272
	PF_RT_ANCHOR_WILDCARD	= 56, /* u8 */

273
	PF_RT_FLUSH		= 57, /* u8 */

274
	PF_RT_PRIO		= 58, /* u8 */

275
	PF_RT_SET_PRIO		= 59, /* u8 */

276
	PF_RT_SET_PRIO_REPLY	= 60, /* u8 */

277
	PF_RT_DIVERT_ADDRESS	= 61, /* in6_addr */

278
	PF_RT_DIVERT_PORT	= 62, /* u16 */

279
	PF_RT_PACKETS_IN	= 63, /* u64 */

280
	PF_RT_PACKETS_OUT	= 64, /* u64 */

281
	PF_RT_BYTES_IN		= 65, /* u64 */

282
	PF_RT_BYTES_OUT		= 66, /* u64 */

283
	PF_RT_EVALUATIONS	= 67, /* u64 */

284
	PF_RT_TIMESTAMP		= 68, /* u64 */

285
	PF_RT_STATES_CUR	= 69, /* u64 */

286
	PF_RT_STATES_TOTAL	= 70, /* u64 */

287
	PF_RT_SRC_NODES		= 71, /* u64 */

288
	PF_RT_ANCHOR_CALL	= 72, /* string */

289
	PF_RT_RCV_IFNAME	= 73, /* string */

290
	PF_RT_MAX_SRC_CONN	= 74, /* u32 */

291
	PF_RT_RPOOL_NAT		= 75, /* nested, pf_rpool_type_t */

292
	PF_RT_NAF		= 76, /* u8 */

293
	PF_RT_RPOOL_RT		= 77, /* nested, pf_rpool_type_t */

294
	PF_RT_RCV_IFNOT		= 78, /* bool */

295
	PF_RT_SRC_NODES_LIMIT	= 79, /* u64 */

296
	PF_RT_SRC_NODES_NAT	= 80, /* u64 */

297
	PF_RT_SRC_NODES_ROUTE	= 81, /* u64 */

298
	PF_RT_PKTRATE		= 82, /* nested, pf_threshold_type_t */

299
	PF_RT_MAX_PKT_SIZE	= 83, /* u16 */

300
	PF_RT_TYPE_2		= 84, /* u16 */

301
	PF_RT_CODE_2		= 85, /* u16 */

302
	PF_RT_EXPTIME		= 86, /* time_t */

303
	PF_RT_STATE_LIMIT	= 87, /* u8 */

304
	PF_RT_SOURCE_LIMIT	= 88, /* u8 */

305
	PF_RT_STATE_LIMIT_ACTION = 89, /* u32 */

306
	PF_RT_SOURCE_LIMIT_ACTION = 90, /* u32 */

307
};

308


309
enum pf_addrule_type_t {

310
	PF_ART_UNSPEC,

311
	PF_ART_TICKET		= 1, /* u32 */

312
	PF_ART_POOL_TICKET	= 2, /* u32 */

313
	PF_ART_ANCHOR		= 3, /* string */

314
	PF_ART_ANCHOR_CALL	= 4, /* string */

315
	PF_ART_RULE		= 5, /* nested, pfrule_type_t */

316
};

317


318
enum pf_getrules_type_t {

319
	PF_GR_UNSPEC,

320
	PF_GR_ANCHOR		= 1, /* string */

321
	PF_GR_ACTION		= 2, /* u8 */

322
	PF_GR_NR		= 3, /* u32 */

323
	PF_GR_TICKET		= 4, /* u32 */

324
	PF_GR_CLEAR		= 5, /* u8 */

325
};

326


327
enum pf_clear_states_type_t {

328
	PF_CS_UNSPEC,

329
	PF_CS_CMP_ID		= 1, /* u64 */

330
	PF_CS_CMP_CREATORID	= 2, /* u32 */

331
	PF_CS_CMP_DIR		= 3, /* u8 */

332
	PF_CS_AF		= 4, /* u8 */

333
	PF_CS_PROTO		= 5, /* u8 */

334
	PF_CS_SRC		= 6, /* nested, pf_addr_wrap */

335
	PF_CS_DST		= 7, /* nested, pf_addr_wrap */

336
	PF_CS_RT_ADDR		= 8, /* nested, pf_addr_wrap */

337
	PF_CS_IFNAME		= 9, /* string */

338
	PF_CS_LABEL		= 10, /* string */

339
	PF_CS_KILL_MATCH	= 11, /* bool */

340
	PF_CS_NAT		= 12, /* bool */

341
	PF_CS_KILLED		= 13, /* u32 */

342
};

343


344
enum pf_set_statusif_types_t {

345
	PF_SS_UNSPEC,

346
	PF_SS_IFNAME		= 1, /* string */

347
};

348


349
enum pf_counter_types_t {

350
	PF_C_UNSPEC,

351
	PF_C_COUNTER		= 1, /* u64 */

352
	PF_C_NAME		= 2, /* string */

353
	PF_C_ID			= 3, /* u32 */

354
};

355


356
enum pf_get_status_types_t {

357
	PF_GS_UNSPEC,

358
	PF_GS_IFNAME		= 1, /* string */

359
	PF_GS_RUNNING		= 2, /* bool */

360
	PF_GS_SINCE		= 3, /* u32 */

361
	PF_GS_DEBUG		= 4, /* u32 */

362
	PF_GS_HOSTID		= 5, /* u32 */

363
	PF_GS_STATES		= 6, /* u32 */

364
	PF_GS_SRC_NODES		= 7, /* u32 */

365
	PF_GS_REASSEMBLE	= 8, /* u32 */

366
	PF_GS_SYNCOOKIES_ACTIVE	= 9, /* bool */

367
	PF_GS_COUNTERS		= 10, /* nested, */

368
	PF_GS_LCOUNTERS		= 11, /* nested, */

369
	PF_GS_FCOUNTERS		= 12, /* nested, */

370
	PF_GS_SCOUNTERS		= 13, /* nested, */

371
	PF_GS_CHKSUM		= 14, /* byte array */

372
	PF_GS_PCOUNTERS		= 15, /* u64 array */

373
	PF_GS_BCOUNTERS		= 16, /* u64 array */

374
	PF_GS_NCOUNTERS		= 17, /* nested, */

375
	PF_GS_FRAGMENTS		= 18, /* u64, */

376
};

377


378
enum pf_natlook_types_t {

379
	PF_NL_UNSPEC,

380
	PF_NL_AF		= 1, /* u8 */

381
	PF_NL_DIRECTION		= 2, /* u8 */

382
	PF_NL_PROTO		= 3, /* u8 */

383
	PF_NL_SRC_ADDR		= 4, /* in6_addr */

384
	PF_NL_DST_ADDR		= 5, /* in6_addr */

385
	PF_NL_SRC_PORT		= 6, /* u16 */

386
	PF_NL_DST_PORT		= 7, /* u16 */

387
};

388


389
enum pf_set_debug_types_t {

390
	PF_SD_UNSPEC,

391
	PF_SD_LEVEL		= 1, /* u32 */

392
};

393


394
enum pf_timeout_types_t {

395
	PF_TO_UNSPEC,

396
	PF_TO_TIMEOUT		= 1, /* u32 */

397
	PF_TO_SECONDS		= 2, /* u32 */

398
};

399


400
enum pf_limit_types_t {

401
	PF_LI_UNSPEC,

402
	PF_LI_INDEX		= 1, /* u32 */

403
	PF_LI_LIMIT		= 2, /* u32 */

404
};

405


406
enum pf_begin_addrs_types_t {

407
	PF_BA_UNSPEC,

408
	PF_BA_TICKET		= 1, /* u32 */

409
};

410


411
enum pf_pool_addr_types_t {

412
	PF_PA_UNSPEC,

413
	PF_PA_ADDR		= 1, /* nested, pf_addr_wrap */

414
	PF_PA_IFNAME		= 2, /* string */

415
};

416


417
enum pf_add_addr_types_t {

418
	PF_AA_UNSPEC,

419
	PF_AA_ACTION		= 1, /* u32 */

420
	PF_AA_TICKET		= 2, /* u32 */

421
	PF_AA_NR		= 3, /* u32 */

422
	PF_AA_R_NUM		= 4, /* u32 */

423
	PF_AA_R_ACTION		= 5, /* u8 */

424
	PF_AA_R_LAST		= 6, /* u8 */

425
	PF_AA_AF		= 7, /* u8 */

426
	PF_AA_ANCHOR		= 8, /* string */

427
	PF_AA_ADDR		= 9, /* nested, pf_pooladdr */

428
	PF_AA_WHICH		= 10, /* u32 */

429
};

430


431
enum pf_get_rulesets_types_t {

432
	PF_RS_UNSPEC,

433
	PF_RS_PATH		= 1, /* string */

434
	PF_RS_NR		= 2, /* u32 */

435
	PF_RS_NAME		= 3, /* string */

436
};

437


438
enum pf_threshold_types_t {

439
	PF_TH_UNSPEC,

440
	PF_TH_LIMIT		= 1, /* u32 */

441
	PF_TH_SECONDS		= 2, /* u32 */

442
	PF_TH_COUNT		= 3, /* u32 */

443
	PF_TH_LAST		= 4, /* u32 */

444
};

445


446
enum pf_srcnodes_types_t {

447
	PF_SN_UNSPEC,

448
	PF_SN_ADDR		= 1, /* nested, pf_addr */

449
	PF_SN_RADDR		= 2, /* nested, pf_addr */

450
	PF_SN_RULE_NR		= 3, /* u32 */

451
	PF_SN_BYTES_IN		= 4, /* u64 */

452
	PF_SN_BYTES_OUT		= 5, /* u64 */

453
	PF_SN_PACKETS_IN	= 6, /* u64 */

454
	PF_SN_PACKETS_OUT	= 7, /* u64 */

455
	PF_SN_STATES		= 8, /* u32 */

456
	PF_SN_CONNECTIONS	= 9, /* u32 */

457
	PF_SN_AF		= 10, /* u8 */

458
	PF_SN_RULE_TYPE		= 11, /* u8 */

459
	PF_SN_CREATION		= 12, /* u64 */

460
	PF_SN_EXPIRE		= 13, /* u64 */

461
	PF_SN_CONNECTION_RATE	= 14, /* nested, pf_threshold */

462
	PF_SN_RAF		= 15, /* u8 */

463
	PF_SN_NODE_TYPE		= 16, /* u8 */

464
};

465


466
enum pf_tables_t {

467
	PF_T_UNSPEC,

468
	PF_T_ANCHOR		= 1, /* string */

469
	PF_T_NAME		= 2, /* string */

470
	PF_T_TABLE_FLAGS	= 3, /* u32 */

471
	PF_T_FLAGS		= 4, /* u32 */

472
	PF_T_NBR_DELETED	= 5, /* u32 */

473
	PF_T_NBR_ADDED		= 6, /* u32 */

474
};

475


476
enum pf_tstats_t {

477
	PF_TS_UNSPEC,

478
	PF_TS_TABLE		= 1, /* nested, pfr_table */

479
	PF_TS_PACKETS		= 2, /* u64 array */

480
	PF_TS_BYTES		= 3, /* u64 array */

481
	PF_TS_MATCH		= 4, /* u64 */

482
	PF_TS_NOMATCH		= 5, /* u64 */

483
	PF_TS_TZERO		= 6, /* u64 */

484
	PF_TS_CNT		= 7, /* u64 */

485
	PF_TS_REFCNT		= 8, /* u64 array */

486
	PF_TS_NZERO		= 9, /* u64 */

487
};

488


489
enum pfr_addr_t {

490
	PFR_A_UNSPEC,

491
	PFR_A_AF		= 1, /* uint8_t */

492
	PFR_A_NET		= 2, /* uint8_t */

493
	PFR_A_NOT		= 3, /* bool */

494
	PFR_A_ADDR		= 4, /* in6_addr */

495
};

496


497
enum pf_table_addrs_t {

498
	PF_TA_UNSPEC,

499
	PF_TA_TABLE		= 1, /* nested, pf_table_t */

500
	PF_TA_ADDR		= 2, /* nested, pfr_addr_t */

501
	PF_TA_FLAGS		= 3, /* u32 */

502
	PF_TA_NBR_ADDED		= 4, /* u32 */

503
	PF_TA_NBR_DELETED	= 5, /* u32 */

504
	PF_TA_NBR_CHANGED	= 6, /* u32 */

505
	PF_TA_ADDR_COUNT	= 7, /* u32 */

506
};

507


508
enum pf_astats_t {

509
	PF_AS_UNSPEC,

510
	PF_AS_ADDR		= 1, /* nested, pfr_addr_t */

511
	PF_AS_PACKETS		= 2, /* u64 array */

512
	PF_AS_BYTES		= 3, /* u64 array */

513
	PF_AS_TZERO		= 4, /* time_t */

514
};

515


516
enum pf_table_astats_t {

517
	PF_TAS_UNSPEC,

518
	PF_TAS_TABLE		= 1, /* nested pf_table_t */

519
	PF_TAS_ASTATS		= 2, /* nested, pfr_astats_t */

520
	PF_TAS_FLAGS		= 3, /* u32 */

521
	PF_TAS_ASTATS_COUNT	= 4, /* u32 */

522
	PF_TAS_ASTATS_ZEROED	= 5, /* u32 */

523
};

524


525
enum pf_limit_rate_t {

526
	PF_LR_UNSPEC,

527
	PF_LR_LIMIT		= 1, /* u32 */

528
	PF_LR_SECONDS		= 2, /* u32 */

529
};

530


531
enum pf_state_limit_t {

532
	PF_SL_UNSPEC,

533
	PF_SL_TICKET		= 1, /* u32 */

534
	PF_SL_NAME		= 2, /* string */

535
	PF_SL_ID		= 3, /* u32 */

536
	PF_SL_LIMIT		= 4, /* u32 */

537
	PF_SL_RATE		= 5, /* nested, pf_limit_rate_t */

538
	PF_SL_DESCR		= 6, /* string */

539
	PF_SL_INUSE		= 7, /* u32 */

540
	PF_SL_ADMITTED		= 8, /* u64 */

541
	PF_SL_HARDLIMITED	= 9, /* u64 */

542
	PF_SL_RATELIMITED	= 10, /* u64 */

543
};

544


545
enum pf_source_limit_t {

546
	PF_SCL_UNSPEC,

547
	PF_SCL_TICKET		= 1, /* u32 */

548
	PF_SCL_NAME		= 2, /* string */

549
	PF_SCL_ID		= 3, /* u32 */

550
	PF_SCL_ENTRIES		= 4, /* u32 */

551
	PF_SCL_LIMIT		= 5, /* u32 */

552
	PF_SCL_RATE		= 6, /* nested, pf_limit_rate_t */

553
	PF_SCL_OVERLOAD_TBL_NAME	= 7, /* string*/

554
	PF_SCL_OVERLOAD_HIGH_WM	= 8, /* u32 */

555
	PF_SCL_OVERLOAD_LOW_WM	= 9, /* u32 */

556
	PF_SCL_INET_PREFIX	= 10, /* u32 */

557
	PF_SCL_INET6_PREFIX	= 11, /* u32 */

558
	PF_SCL_DESCR		= 12, /* string */

559
	PF_SCL_NENTRIES		= 13, /* u32 */

560
	PF_SCL_INUSE		= 14, /* u32 */

561
	PF_SCL_ADDR_ALLOCS	= 15, /* u64 */

562
	PF_SCL_ADDR_NOMEM	= 16, /* u64 */

563
	PF_SCL_ADMITTED		= 17, /* u64 */

564
	PF_SCL_ADDRLIMITED	= 18, /* u64 */

565
	PF_SCL_HARDLIMITED	= 19, /* u64 */

566
	PF_SCL_RATELIMITED	= 20, /* u64 */

567
};

568


569
enum pf_source_t {

570
	PF_SRC_UNSPEC,

571
	PF_SRC_NAME		= 1, /* string */

572
	PF_SRC_ID		= 2, /* u32 */

573
	PF_SRC_AF		= 3, /* u8 */

574
	PF_SRC_RDOMAIN		= 4, /* u32 */

575
	PF_SRC_ADDR		= 5, /* in6_addr */

576
	PF_SRC_INUSE		= 6, /* u32 */

577
	PF_SRC_ADMITTED		= 7, /* u64 */

578
	PF_SRC_HARDLIMITED	= 8, /* u64 */

579
	PF_SRC_RATELIMITED	= 9, /* u64 */

580
	PF_SRC_LIMIT		= 10, /* u32 */

581
	PF_SRC_INET_PREFIX	= 11, /* u32 */

582
	PF_SRC_INET6_PREFIX	= 12, /* u32 */

583
};

584


585
enum pf_source_clear_t {

586
	PF_SC_UNSPEC,

587
	PF_SC_NAME		= 1, /* string */

588
	PF_SC_ID		= 2, /* u32*/

589
	PF_SC_RDOMAIN		= 3, /* u32 */

590
	PF_SC_AF		= 4, /* u8 */

591
	PF_SC_ADDR		= 5, /* in6_addr */

592
};

593


594
#ifdef _KERNEL

595


596
void	pf_nl_register(void);

597
void	pf_nl_unregister(void);

598


599
#endif

600


601
#endif

602


603