sys/netinet/ip_proxy.h


    1 /*      $NetBSD: ip_proxy.h,v 1.19 2004/03/28 09:00:57 martti Exp $     */
    2 
    3 /*
    4  * Copyright (C) 1997-2001 by Darren Reed.
    5  *
    6  * See the IPFILTER.LICENCE file for details on licencing.
    7  *
    8  * Id: ip_proxy.h,v 2.31 2003/07/25 12:29:59 darrenr Exp
    9  */
   10 
   11 #ifndef _NETINET_IP_PROXY_H_
   12 #define _NETINET_IP_PROXY_H_
   13 
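/*
 * SOLARIS is 1 on Sun SVR4 builds and 0 everywhere else, unless the
 * build already defined it.
 *
 * The value is computed with #if instead of being defined as an
 * expression containing `defined`: a macro that expands to `defined(...)`
 * inside a later #if has undefined behaviour in ISO C, and such a macro
 * cannot be used in an ordinary C expression at all.
 */
#ifndef SOLARIS
# if defined(sun) && (defined(__svr4__) || defined(__SVR4))
#  define SOLARIS 1
# else
#  define SOLARIS 0
# endif
#endif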
   17 
/* Size of the fixed label arrays (apc_label, apr_label); a build may override it. */
#if !defined(APR_LABELLEN)
# define APR_LABELLEN 16
#endif

/* Number of slots in ap_sess_tab[]. */
#define AP_SESS_SIZE 53

/* Tags for the pointer parameters used by the prototypes in this header. */
struct nat;
struct ipnat;
   25 
/*
 * TCP part of a proxy session: the two ports, two-element arrays of
 * sequence/acknowledgement adjustments, and the connection state.
 */
struct ap_tcp {
    u_short apt_sport;      /* source port */
    u_short apt_dport;      /* destination port */
    short   apt_sel[2];     /* {seq,ack}{off,min} set selector */
    short   apt_seqoff[2];  /* sequence # difference */
    tcp_seq apt_seqmin[2];  /* don't change seq-off until after this */
    short   apt_ackoff[2];  /* NOTE(review): upstream text is "sequence # difference";
                             * presumably the ack counterpart of apt_seqoff -- confirm */
    tcp_seq apt_ackmin[2];  /* NOTE(review): upstream repeats the apt_seqmin text;
                             * presumably the ack counterpart -- confirm */
    u_char  apt_state[2];   /* connection state */
};
typedef struct ap_tcp ap_tcp_t;
   36 
/*
 * UDP part of a proxy session: only the two ports.  They sit at the
 * same offsets as the leading ports of struct ap_tcp.
 */
struct ap_udp {
    u_short apu_sport;      /* source port */
    u_short apu_dport;      /* destination port */
};
typedef struct ap_udp ap_udp_t;
   41 
/*
 * One proxied connection.  Carries the per-protocol state (aps_un),
 * traffic counters, a back pointer to the NAT entry and an opaque
 * per-proxy data area described by aps_data / aps_psiz.
 */
typedef struct ap_session ap_session_t;

struct ap_session {
    struct aproxy     *aps_apr;     /* proxy this session belongs to */
    union {
        struct ap_tcp apu_tcp;
        struct ap_udp apu_udp;
    } aps_un;
    u_int             aps_flags;
    U_QUAD_T          aps_bytes;    /* bytes sent */
    U_QUAD_T          aps_pkts;     /* packets sent */
    void              *aps_nat;     /* pointer back to nat struct */
    void              *aps_data;    /* private data */
    int               aps_p;        /* protocol */
    int               aps_psiz;     /* size of private data */
    /*
     * NOTE(review): aps_psiz is a signed int describing the untyped
     * aps_data area; any code that copies or frees by this size should
     * reject negative values -- confirm at the points where it is set.
     */
    struct ap_session *aps_hnext;   /* presumably the ap_sess_tab[] chain -- confirm */
    struct ap_session *aps_next;    /* presumably the ap_sess_list link -- confirm */
};
   58 
/*
 * Shorthand for the members of ap_session_t.aps_un.  Every accessor goes
 * through the TCP arm of the union.  The two port accessors overlay the
 * UDP ports as well (both structs start with the same two u_short
 * members); the remaining accessors have no UDP counterpart and are only
 * meaningful for TCP sessions.
 */
#define aps_sport   aps_un.apu_tcp.apt_sport
#define aps_dport   aps_un.apu_tcp.apt_dport

#define aps_sel     aps_un.apu_tcp.apt_sel
#define aps_state   aps_un.apu_tcp.apt_state

#define aps_seqoff  aps_un.apu_tcp.apt_seqoff
#define aps_seqmin  aps_un.apu_tcp.apt_seqmin
#define aps_ackoff  aps_un.apu_tcp.apt_ackoff
#define aps_ackmin  aps_un.apu_tcp.apt_ackmin
   67 
   68 
/*
 * Control request handed to a proxy's apr_ctl routine (see appr_ctl).
 * apc_label and apc_p name the proxy; the rest is interpreted by the
 * proxy itself.
 */
struct ap_control {
    /*
     * NOTE(review): fixed APR_LABELLEN-byte array.  Nothing in this
     * header guarantees NUL termination -- confirm before using it as a
     * C string.
     */
    char    apc_label[APR_LABELLEN];
    u_char  apc_p;
    /*
     * The following fields are up to the proxy's apr_ctl routine to
     * deal with.  When the proxy gets this in kernel space, apc_data
     * points to a malloc'd region of apc_dsize bytes.  A proxy that
     * wants to keep that memory must set apc_data to NULL before it
     * returns, and is then expected to free it in apr_fini or
     * otherwise as appropriate.
     *
     * apc_cmd is the standard place for a simple command and apc_arg
     * for a simple argument to it.
     */
    u_long  apc_cmd;
    u_long  apc_arg;
    void    *apc_data;
    size_t  apc_dsize;
};
typedef struct ap_control ap_ctl_t;
   87 
   88 
/*
 * Descriptor for one application proxy: its identity (label, protocol),
 * a reference count and the callbacks invoked for it.
 */
struct aproxy {
    struct aproxy *apr_next;
    char    apr_label[APR_LABELLEN];    /* Proxy label # */
    u_char  apr_p;                      /* protocol */
    int     apr_ref;                    /* +1 per rule referencing it */
    int     apr_flags;

    /* Callbacks; which of them may be NULL is not visible in this header. */
    int     (*apr_init) __P((void));
    void    (*apr_fini) __P((void));
    int     (*apr_new) __P((fr_info_t *, ap_session_t *, struct nat *));
    void    (*apr_del) __P((ap_session_t *));
    int     (*apr_inpkt) __P((fr_info_t *, ap_session_t *, struct nat *));
    int     (*apr_outpkt) __P((fr_info_t *, ap_session_t *, struct nat *));
    int     (*apr_match) __P((fr_info_t *, ap_session_t *, struct nat *));
    int     (*apr_ctl) __P((struct aproxy *, struct ap_control *));
};
typedef struct aproxy aproxy_t;
  104 
#define APR_DELETE  1

/*
 * Pack two 16-bit quantities into one int: APR_ERR(x) puts x in the
 * upper half, APR_EXIT(v) reads the upper half back and APR_INC(v) reads
 * the lower half.
 *
 * APR_ERR shifts its argument as given, so with a signed int argument
 * the value has to stay below 0x8000 to avoid overflowing the shift.
 */
#define APR_ERR(x)   ((x) << 16)
#define APR_INC(x)   ((x) & 0xFFFF)
#define APR_EXIT(x)  (((x) >> 16) & 0xFFFF)
  110 
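/*
 * Generic #define's to cover missing things in the kernel.
 *
 * Each macro is only defined when the environment has not already
 * provided one.  They are ASCII-only, and they evaluate their argument
 * more than once, so do not pass an expression with side effects (for
 * example `*p++`).
 */
#ifndef isdigit
/* The lower bound is '0'; the listing had lost the digit and read ''. */
#define isdigit(x)      ((x) >= '0' && (x) <= '9')
#endif
#ifndef isupper
#define isupper(x)      (((unsigned)(x) >= 'A') && ((unsigned)(x) <= 'Z'))
#endif
#ifndef islower
#define islower(x)      (((unsigned)(x) >= 'a') && ((unsigned)(x) <= 'z'))
#endif
#ifndef isalpha
#define isalpha(x)      (isupper(x) || islower(x))
#endif
#ifndef toupper
/*
 * Convert only lower-case letters.  The earlier form tested isupper()
 * and shifted everything else, which also rewrote digits, punctuation
 * and control bytes.
 */
#define toupper(x)      (islower(x) ? (x) - 'a' + 'A' : (x))
#endif
#ifndef isspace
/* Note: '\b' is accepted here while '\v' and '\f' are not. */
#define isspace(x)      (((x) == ' ') || ((x) == '\r') || ((x) == '\n') || \
                         ((x) == '\t') || ((x) == '\b'))
#endif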
  133 
/*
 * For the ftp proxy.
 */
#define FTP_BUFSZ   160

/*
 * State for one direction of an FTP control connection.
 *
 * NOTE(review): ftps_rptr / ftps_wptr presumably point into ftps_buf;
 * every advance of either pointer needs to be bounded by
 * ftps_buf + FTP_BUFSZ -- confirm in the FTP proxy source.
 */
struct ftpside {
    char    *ftps_rptr;
    char    *ftps_wptr;
    void    *ftps_ifp;
    u_32_t  ftps_seq[2];
    u_32_t  ftps_len;
    int     ftps_junk;
    int     ftps_cmds;
    char    ftps_buf[FTP_BUFSZ];    /* fixed-size line buffer */
};
typedef struct ftpside ftpside_t;
  149 
/* FTP proxy session data: two flags plus one ftpside_t per direction. */
struct ftpinfo {
    int         ftp_passok;
    int         ftp_incok;
    ftpside_t   ftp_side[2];
};
typedef struct ftpinfo ftpinfo_t;
  155 
  156 
/*
 * For the irc proxy.
 *
 * NOTE(review): the char pointers presumably reference pieces of a
 * parsed message of irc_len bytes rather than owned copies -- confirm
 * their lifetime in the IRC proxy source.
 */
struct ircinfo {
    size_t  irc_len;
    char    *irc_snick;
    char    *irc_dnick;
    char    *irc_type;
    char    *irc_arg;
    char    *irc_addr;
    u_32_t  irc_ipnum;
    u_short irc_port;
};
typedef struct ircinfo ircinfo_t;
  170 
  171 
/*
 * Real audio proxy structure and #defines
 */
struct raudio_s {
    int     rap_seenpna;
    int     rap_seenver;
    int     rap_version;
    int     rap_eos;        /* End Of Startup */
    int     rap_gotid;
    int     rap_gotlen;
    int     rap_mode;
    int     rap_sdone;
    u_short rap_plport;
    u_short rap_prport;
    u_short rap_srport;
    char    rap_svr[19];
    u_32_t  rap_sbf;        /* flags which of the 19 rap_svr bytes have been filled */
    tcp_seq rap_sseq;
};
typedef struct raudio_s raudio_t;
  193 
/* Real audio identifiers. */
#define RA_ID_END       0
#define RA_ID_UDP       1
#define RA_ID_ROBUST    7

/* Real audio mode bits; RAP_M_UDP_ROBUST is the union of the first two. */
#define RAP_M_UDP       1
#define RAP_M_ROBUST    2
#define RAP_M_TCP       4
#define RAP_M_UDP_ROBUST    (RAP_M_UDP | RAP_M_ROBUST)
  202 
  203 
/* Per-session data of the MSN RPC proxy. */
struct msnrpcinfo {
    u_int           mri_flags;
    int             mri_cmd[2];
    u_int           mri_valid;
    struct in_addr  mri_raddr;
    u_short         mri_rport;
};
typedef struct msnrpcinfo msnrpcinfo_t;
  211 
  212 
/*
 * IPSec proxy
 */

/* A cookie is two 32-bit words. */
typedef u_32_t  ipsec_cookie_t[2];

/*
 * Per-session IPSec proxy data: the two cookies, a flag recording
 * whether ipsc_rcookie has been set, an embedded NAT rule and pointers
 * to the related NAT and state entries.
 */
struct ipsec_pxy {
    ipsec_cookie_t  ipsc_icookie;
    ipsec_cookie_t  ipsc_rcookie;
    int             ipsc_rckset;
    ipnat_t         ipsc_rule;      /* held by value, not by pointer */
    nat_t           *ipsc_nat;
    ipstate_t       *ipsc_state;
};
typedef struct ipsec_pxy ipsec_pxy_t;
  226 
/*
 * Sun RPCBIND proxy
 */
#define RPCB_MAXMSG      888    /* size of rpc_msg_t.rm_msgbuf */
#define RPCB_MAXREQS     32     /* Arbitrary limit on tracked transactions */

/* Response kinds. */
#define RPCB_RES_PMAP    0      /* Response contains a v2 port. */
#define RPCB_RES_STRING  1      /* Response contains a v3 (GETADDR) string. */
#define RPCB_RES_LIST    2      /* Response contains a v4 (GETADDRLIST) list. */

/*
 * Accepted message lengths.  Both maxima fit in RPCB_MAXMSG; the
 * request maximum is equal to it.
 */
#define RPCB_REQMIN      40
#define RPCB_REQMAX      888
#define RPCB_REPMIN      20
#define RPCB_REPMAX      604    /* XXX double check this! */
  240 
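/*
 * Bounds helpers for walking the data held in an rpc_msg_t.  r points to
 * the message, p is a position inside r->rm_msgbuf and l is a byte count.
 *
 *   RPCB_BUF_END(r)        one past the last valid byte
 *                          (rm_msgbuf + rm_buflen)
 *   RPCB_BUF_GEQ(r, p, l)  true when p lies before the end and at least
 *                          l bytes remain from p
 *   RPCB_BUF_EQ(r, p, l)   true when exactly l bytes remain from p
 *
 * Caveats for callers:
 *   - The macros trust rm_buflen; it must never exceed the size of
 *     rm_msgbuf.
 *   - l must be non-negative.  A negative signed length satisfies
 *     RPCB_BUF_GEQ for every p before the end, so lengths read from a
 *     packet should be held in, or checked as, unsigned values first.
 *   - r and p are evaluated more than once.
 *
 * RPCB_BUF_END is parenthesised as a whole so that a postfix operator
 * applied to it (indexing, for example) acts on the resulting pointer
 * and not on the operand of the cast.
 */
#define RPCB_BUF_END(r) ((char *)((r)->rm_msgbuf + (r)->rm_buflen))
#define RPCB_BUF_GEQ(r, p, l)   \
        ((RPCB_BUF_END((r)) > (char *)(p)) &&           \
         ((RPCB_BUF_END((r)) - (char *)(p)) >= (l)))
#define RPCB_BUF_EQ(r, p, l)                            \
        (RPCB_BUF_END((r)) == ((char *)(p) + (l)))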
  251 
/*
 * The following correspond to RPC(B) as detailed in RFC 1831 and
 * RFC 1833.
 */

/* Message direction and RPC version. */
#define RPCB_CALL               0
#define RPCB_REPLY              1
#define RPCB_MSG_VERSION        2

/* Program number and procedures; GETPORT and GETADDR share the value 3. */
#define RPCB_PROG               100000
#define RPCB_GETPORT            3
#define RPCB_GETADDR            3
#define RPCB_GETADDRLIST        11

/* Reply status. */
#define RPCB_MSG_ACCEPTED       0
#define RPCB_MSG_DENIED         1
  264 
/* BEGIN (Generic XDR structures) */

/*
 * A length/data pair held as two pointers.
 *
 * NOTE(review): both pointers presumably refer to positions inside
 * rpc_msg_t.rm_msgbuf; *xs_len is then a length supplied by the peer
 * and must be range-checked against the buffer end before xs_str is
 * read -- confirm in the RPCB proxy source.
 */
typedef struct xdr_string {
    u_32_t  *xs_len;
    char    *xs_str;
} xdr_string_t;

/* Authentication field; the flavor word is not tracked. */
typedef struct xdr_auth {
    /* u_32_t       xa_flavor; */
    xdr_string_t    xa_string;
} xdr_auth_t;

/* Universal address: IP and port next to the string they belong to. */
typedef struct xdr_uaddr {
    u_32_t          xu_ip;
    u_short         xu_port;
    xdr_string_t    xu_str;
} xdr_uaddr_t;

/* Protocol / netid: a protocol number next to its string. */
typedef struct xdr_proto {
    u_int           xp_proto;
    xdr_string_t    xp_str;
} xdr_proto_t;

/* Shortcuts into the embedded xdr_string_t. */
#define xu_xslen    xu_str.xs_len
#define xu_xsstr    xu_str.xs_str
#define xp_xslen    xp_str.xs_len
#define xp_xsstr    xp_str.xs_str
/* END (Generic XDR structures) */
  292 
/* BEGIN (RPC call structures) */

/*
 * The commented-out members in these structures name fields for which
 * no pointer is kept.
 */

/* Call arguments in the pmap form: only the protocol word is tracked. */
typedef struct pmap_args {
    /* u_32_t       pa_prog; */
    /* u_32_t       pa_vers; */
    u_32_t          *pa_prot;
    /* u_32_t       pa_port; */
} pmap_args_t;

/* Call arguments in the rpcb form: netid and address. */
typedef struct rpcb_args {
    /* u_32_t       *ra_prog; */
    /* u_32_t       *ra_vers; */
    xdr_proto_t     ra_netid;
    xdr_uaddr_t     ra_maddr;
    /* xdr_string_t ra_owner; */
} rpcb_args_t;

/* A parsed call; the union member in use depends on the argument form. */
typedef struct rpc_call {
    /* u_32_t       rc_rpcvers; */
    /* u_32_t       rc_prog; */
    u_32_t          *rc_vers;
    u_32_t          *rc_proc;
    xdr_auth_t      rc_authcred;
    xdr_auth_t      rc_authverf;
    union {
        pmap_args_t ra_pmapargs;
        rpcb_args_t ra_rpcbargs;
    } rpcb_args;
} rpc_call_t;

/* Shortcuts to the two argument forms. */
#define rc_pmapargs rpcb_args.ra_pmapargs
#define rc_rpcbargs rpcb_args.ra_rpcbargs
/* END (RPC call structures) */
  325 
/* BEGIN (RPC reply structures) */

/* One entry of a GETADDRLIST reply. */
typedef struct rpcb_entry {
    xdr_uaddr_t     re_maddr;
    xdr_proto_t     re_netid;
    /* u_32_t       re_semantics; */
    xdr_string_t    re_family;
    xdr_proto_t     re_proto;
    u_32_t          *re_more;       /* 1 == another entry follows */
} rpcb_entry_t;

/*
 * GETADDRLIST reply body.  Only two entries can be stored, so rl_cnt
 * has to stay within 0..2 whatever the reply claims through re_more.
 */
typedef struct rpcb_listp {
    u_32_t          *rl_list;       /* 1 == list follows */
    int             rl_cnt;
    rpcb_entry_t    rl_entries[2];  /* TCP / UDP only */
} rpcb_listp_t;

/* A parsed reply; the union member in use depends on the reply kind. */
typedef struct rpc_resp {
    /* u_32_t       rr_acceptdeny; */
    /* Omitted 'message denied' fork; we don't care about rejects. */
    xdr_auth_t      rr_authverf;
    /* u_32_t       *rr_astat; */
    union {
        u_32_t          *resp_pmap;
        xdr_uaddr_t     resp_getaddr;
        rpcb_listp_t    resp_getaddrlist;
    } rpcb_reply;
} rpc_resp_t;

/* Shortcuts to the three reply forms. */
#define rr_v2   rpcb_reply.resp_pmap
#define rr_v3   rpcb_reply.resp_getaddr
#define rr_v4   rpcb_reply.resp_getaddrlist
/* END (RPC reply structures) */
  358 
/* BEGIN (RPC message structure & macros) */

/*
 * One RPCB message: a fixed buffer, the number of valid bytes in it and
 * the parsed view of its contents.  rm_buflen must never exceed
 * RPCB_MAXMSG, because the RPCB_BUF_* macros compute the buffer end
 * from it.
 */
typedef struct rpc_msg {
    char    rm_msgbuf[RPCB_MAXMSG]; /* RPCB data buffer */
    u_int   rm_buflen;
    u_32_t  *rm_xid;
    /* u_32_t Call vs Reply */
    union {
        rpc_call_t  rb_call;
        rpc_resp_t  rb_resp;
    } rm_body;
} rpc_msg_t;

/* Shortcuts to the call and reply views. */
#define rm_call rm_body.rb_call
#define rm_resp rm_body.rb_resp
/* END (RPC message structure & macros) */
  374 
/*
 * These code paths aren't hot enough to warrant per transaction
 * mutexes.
 *
 * NOTE(review): rx_ref is a plain counter with no lock of its own;
 * presumably it is only touched with the owning session's rs_rxlock
 * held -- confirm in the RPCB proxy source.
 */
struct rpcb_xact {
    struct rpcb_xact    *rx_next;
    struct rpcb_xact    **rx_pnext;
    u_32_t  rx_xid;     /* RPC transmission ID */
    u_int   rx_type;    /* RPCB response type */
    u_int   rx_ref;     /* reference count */
    u_int   rx_proto;   /* transport protocol (v2 only) */
};
typedef struct rpcb_xact rpcb_xact_t;
  387 
/* Per-session RPCB proxy data: a mutex and the head of the transaction list. */
struct rpcb_session {
    ipfmutex_t  rs_rxlock;
    rpcb_xact_t *rs_rxlist;
};
typedef struct rpcb_session rpcb_session_t;
  392 
/*
 * Round x up to the next multiple of four; a value that is already a
 * multiple of four is returned unchanged.  x is evaluated more than
 * once.  For an explanation, please see the following:
 *   RFC1832 - Sections 3.11, 4.4, and 4.5.
 */
#define XDRALIGN(x)     ((((x) % 4) == 0) ? (x) : ((((x) + 3) / 4) * 4))
  398 
/* Global state: session table, session list, proxy table, FTP proxy setting. */
extern ap_session_t *ap_sess_tab[AP_SESS_SIZE];
extern ap_session_t *ap_sess_list;
extern aproxy_t     ap_proxies[];
extern int          ippr_ftp_pasvonly;

/* Set-up, tear-down and control entry points. */
extern int      appr_init __P((void));
extern void     appr_unload __P((void));
extern int      appr_add __P((aproxy_t *));
extern int      appr_del __P((aproxy_t *));
extern int      appr_ctl __P((ap_ctl_t *));
extern int      appr_ioctl __P((caddr_t, ioctlcmd_t, int));

/* Proxy lookup and release. */
extern aproxy_t *appr_lookup __P((u_int, char *));
extern void     appr_free __P((aproxy_t *));

/* Per-packet and per-session entry points. */
extern int      appr_ok __P((fr_info_t *, tcphdr_t *, struct ipnat *));
extern int      appr_match __P((fr_info_t *, struct nat *));
extern int      appr_check __P((fr_info_t *, struct nat *));
extern int      appr_new __P((fr_info_t *, struct nat *));
extern void     aps_free __P((ap_session_t *));
  417 
  418 #endif /* _NETINET_IP_PROXY_H_ */
