yannweb
/
netsukuku
Watch 2
Star 1
Fork 0
Code Issues 4 Pull Requests 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
201 Commits
4 Branches
Tree: dd43556d0b
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'dd43556d0b'
${ noResults }
netsukuku/src/libiptc/libiptc.h

libiptc.h 5.6KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183 
  1. #ifndef _LIBIPTC_H

  2. #define _LIBIPTC_H

  3. /* Library which manipulates filtering rules. */

  4. 

  5. #ifndef _FWCHAINS_KERNEL_HEADERS_H

  6. #define _FWCHAINS_KERNEL_HEADERS_H

  7. 

  8. #include <limits.h>

  9. 

  10. #ifdef HAVE_NET_IF_H

  11. #include <netinet/in.h>

  12. #include <netinet/tcp.h>

  13. #include <netinet/udp.h>

  14. #include <net/if.h>

  15. #include <sys/types.h>

  16. #else							/* libc5 */

  17. #include <sys/socket.h>

  18. #include <linux/ip.h>

  19. #include <linux/in.h>

  20. #include <linux/if.h>

  21. #include <linux/icmp.h>

  22. #include <linux/tcp.h>

  23. #include <linux/udp.h>

  24. #include <linux/types.h>

  25. #include <linux/in6.h>

  26. #endif

  27. #endif

  28. #include <linux/netfilter_ipv4/ip_tables.h>

  29. 

  30. #ifdef __cplusplus

  31. extern "C" {

  32. #endif

  33. 

  34. #ifndef IPT_MIN_ALIGN

  35. /* ipt_entry has pointers and u_int64_t's in it, so if you align to

  36.    it, you'll also align to any crazy matches and targets someone

  37.    might write */

  38. #define IPT_MIN_ALIGN (__alignof__(struct ipt_entry))

  39. #endif

  40. 

  41. #define IPT_ALIGN(s) (((s) + ((IPT_MIN_ALIGN)-1)) & ~((IPT_MIN_ALIGN)-1))

  42. 

  43. 	typedef char ipt_chainlabel[32];

  44. 

  45. #define IPTC_LABEL_ACCEPT  "ACCEPT"

  46. #define IPTC_LABEL_DROP    "DROP"

  47. #define IPTC_LABEL_QUEUE   "QUEUE"

  48. #define IPTC_LABEL_RETURN  "RETURN"

  49. 

  50. /* Transparent handle type. */

  51. 	typedef struct iptc_handle *iptc_handle_t;

  52. 

  53. /* Does this chain exist? */

  54. 	int iptc_is_chain(const char *chain, const iptc_handle_t handle);

  55. 

  56. /* Take a snapshot of the rules.  Returns NULL on error. */

  57. 	iptc_handle_t iptc_init(const char *tablename);

  58. 

  59. /* Cleanup after iptc_init(). */

  60. 	void iptc_free(iptc_handle_t * h);

  61. 

  62. /* Iterator functions to run through the chains.  Returns NULL at end. */

  63. 	const char *iptc_first_chain(iptc_handle_t * handle);

  64. 	const char *iptc_next_chain(iptc_handle_t * handle);

  65. 

  66. /* Get first rule in the given chain: NULL for empty chain. */

  67. 	const struct ipt_entry *iptc_first_rule(const char *chain,

  68. 											iptc_handle_t * handle);

  69. 

  70. /* Returns NULL when rules run out. */

  71. 	const struct ipt_entry *iptc_next_rule(const struct ipt_entry *prev,

  72. 										   iptc_handle_t * handle);

  73. 

  74. /* Returns a pointer to the target name of this entry. */

  75. 	const char *iptc_get_target(const struct ipt_entry *e,

  76. 								iptc_handle_t * handle);

  77. 

  78. /* Is this a built-in chain? */

  79. 	int iptc_builtin(const char *chain, const iptc_handle_t handle);

  80. 

  81. /* Get the policy of a given built-in chain */

  82. 	const char *iptc_get_policy(const char *chain,

  83. 								struct ipt_counters *counter,

  84. 								iptc_handle_t * handle);

  85. 

  86. /* These functions return TRUE for OK or 0 and set errno.  If errno ==

  87.    0, it means there was a version error (ie. upgrade libiptc). */

  88. /* Rule numbers start at 1 for the first rule. */

  89. 

  90. /* Insert the entry `e' in chain `chain' into position `rulenum'. */

  91. 	int iptc_insert_entry(const ipt_chainlabel chain,

  92. 						  const struct ipt_entry *e,

  93. 						  unsigned int rulenum, iptc_handle_t * handle);

  94. 

  95. /* Atomically replace rule `rulenum' in `chain' with `e'. */

  96. 	int iptc_replace_entry(const ipt_chainlabel chain,

  97. 						   const struct ipt_entry *e,

  98. 						   unsigned int rulenum, iptc_handle_t * handle);

  99. 

  100. /* Append entry `e' to chain `chain'.  Equivalent to insert with

  101.    rulenum = length of chain. */

  102. 	int iptc_append_entry(const ipt_chainlabel chain,

  103. 						  const struct ipt_entry *e,

  104. 						  iptc_handle_t * handle);

  105. 

  106. /* Delete the first rule in `chain' which matches `e', subject to

  107.    matchmask (array of length == origfw) */

  108. 	int iptc_delete_entry(const ipt_chainlabel chain,

  109. 						  const struct ipt_entry *origfw,

  110. 						  unsigned char *matchmask,

  111. 						  iptc_handle_t * handle);

  112. 

  113. /* Delete the rule in position `rulenum' in `chain'. */

  114. 	int iptc_delete_num_entry(const ipt_chainlabel chain,

  115. 							  unsigned int rulenum,

  116. 							  iptc_handle_t * handle);

  117. 

  118. /* Check the packet `e' on chain `chain'.  Returns the verdict, or

  119.    NULL and sets errno. */

  120. 	const char *iptc_check_packet(const ipt_chainlabel chain,

  121. 								  struct ipt_entry *entry,

  122. 								  iptc_handle_t * handle);

  123. 

  124. /* Flushes the entries in the given chain (ie. empties chain). */

  125. 	int iptc_flush_entries(const ipt_chainlabel chain,

  126. 						   iptc_handle_t * handle);

  127. 

  128. /* Zeroes the counters in a chain. */

  129. 	int iptc_zero_entries(const ipt_chainlabel chain,

  130. 						  iptc_handle_t * handle);

  131. 

  132. /* Creates a new chain. */

  133. 	int iptc_create_chain(const ipt_chainlabel chain,

  134. 						  iptc_handle_t * handle);

  135. 

  136. /* Deletes a chain. */

  137. 	int iptc_delete_chain(const ipt_chainlabel chain,

  138. 						  iptc_handle_t * handle);

  139. 

  140. /* Renames a chain. */

  141. 	int iptc_rename_chain(const ipt_chainlabel oldname,

  142. 						  const ipt_chainlabel newname,

  143. 						  iptc_handle_t * handle);

  144. 

  145. /* Sets the policy on a built-in chain. */

  146. 	int iptc_set_policy(const ipt_chainlabel chain,

  147. 						const ipt_chainlabel policy,

  148. 						struct ipt_counters *counters,

  149. 						iptc_handle_t * handle);

  150. 

  151. /* Get the number of references to this chain */

  152. 	int iptc_get_references(unsigned int *ref,

  153. 							const ipt_chainlabel chain,

  154. 							iptc_handle_t * handle);

  155. 

  156. /* read packet and byte counters for a specific rule */

  157. 	struct ipt_counters *iptc_read_counter(const ipt_chainlabel chain,

  158. 										   unsigned int rulenum,

  159. 										   iptc_handle_t * handle);

  160. 

  161. /* zero packet and byte counters for a specific rule */

  162. 	int iptc_zero_counter(const ipt_chainlabel chain,

  163. 						  unsigned int rulenum, iptc_handle_t * handle);

  164. 

  165. /* set packet and byte counters for a specific rule */

  166. 	int iptc_set_counter(const ipt_chainlabel chain,

  167. 						 unsigned int rulenum,

  168. 						 struct ipt_counters *counters,

  169. 						 iptc_handle_t * handle);

  170. 

  171. /* Makes the actual changes. */

  172. 	int iptc_commit(iptc_handle_t * handle);

  173. 

  174. /* Get raw socket. */

  175. 	int iptc_get_raw_socket();

  176. 

  177. /* Translates errno numbers into more human-readable form than strerror. */

  178. 	const char *iptc_strerror(int err);

  179. 

  180. #ifdef __cplusplus

  181. }

  182. #endif

  183. #endif							/* _LIBIPTC_H */