dc/d3d/nftnlrdr__misc_8h_source.html

/*

 * MiniUPnP project

 * http://miniupnp.free.fr/ or http://miniupnp.tuxfamily.org/

 * (c) 2015 Tomofumi Hayashi

 * (c) 2019 Paul Chambers

 * (c) 2020 Thomas Bernard

 *

 * This software is subject to the conditions detailed

 * in the LICENCE file provided within the distribution.

 */

#include <sys/queue.h>


extern const char * nft_table;

extern const char * nft_prerouting_chain;

extern const char * nft_postrouting_chain;

extern const char * nft_forward_chain;


#define NFT_DESCR_SIZE 1024


enum rule_reg_type {

    RULE_REG_NONE,

    RULE_REG_IIF,

    RULE_REG_OIF,

    RULE_REG_IP_SRC_ADDR,

    RULE_REG_IP_DEST_ADDR,

    RULE_REG_IP_SD_ADDR, /* source & dest */

    RULE_REG_IP6_SRC_ADDR,

    RULE_REG_IP6_DEST_ADDR,

    RULE_REG_IP6_SD_ADDR, /* source & dest */

    RULE_REG_IP_PROTO,

    RULE_REG_IP6_PROTO,

    RULE_REG_TCP_DPORT,

    RULE_REG_TCP_SD_PORT, /* source & dest */

    RULE_REG_IMM_VAL,     /* immediate */

    RULE_REG_MAX,

};


enum rule_type {

    RULE_NONE,

    RULE_NAT,

    RULE_FILTER,

    RULE_COUNTER,

};


enum rule_chain_type {

    RULE_CHAIN_FILTER,

    RULE_CHAIN_PEER,

    RULE_CHAIN_REDIRECT,

};


typedef struct rule_t {

    LIST_ENTRY(rule_t) entry;

    char * table;

    char * chain;

    uint64_t handle;

    enum rule_type type;

    uint32_t nat_type;

    uint32_t filter_action;

    uint32_t family;

    uint32_t ingress_ifidx;

    uint32_t egress_ifidx;

    in_addr_t eaddr;

    in_addr_t iaddr;

    in_addr_t rhost;

    struct in6_addr iaddr6;

    struct in6_addr rhost6;

    uint16_t eport;

    uint16_t iport;

    uint16_t rport;

    uint8_t proto;

    enum rule_reg_type reg1_type;

    enum rule_reg_type reg2_type;

    uint32_t reg1_val;

    uint32_t reg2_val;

    uint64_t packets;

    uint64_t bytes;

    char * desc;

    uint32_t desc_len;

} rule_t;


LIST_HEAD(rule_list, rule_t);

extern struct rule_list head_filter;

extern struct rule_list head_redirect;

extern struct rule_list head_peer;


int

nft_mnl_connect(void);


void

nft_mnl_disconnect(void);


#ifdef DEBUG

void

print_rule(const char *func, int line, const struct nftnl_rule *rule);


void

print_redirect_rules(const char * ifname);


#define debug_rule(rule)        do { print_rule(__func__, __LINE__, rule); } while (0)


#else

#define debug_rule(rule)

#endif


int

nft_send_rule(struct nftnl_rule * rule, uint16_t cmd, enum rule_chain_type type);

struct nftnl_rule *

rule_set_dnat(uint8_t family, const char * ifname, uint8_t proto,

          in_addr_t rhost, unsigned short eport,

          in_addr_t ihost, uint32_t iport,

          const char *descr,

          const char *handle);

struct nftnl_rule *

rule_set_snat(uint8_t family, uint8_t proto,

          in_addr_t rhost, unsigned short rport,

          in_addr_t ehost, unsigned short eport,

          in_addr_t ihost, unsigned short iport,

          const char *descr,

          const char *handle);

struct nftnl_rule *

rule_set_filter(uint8_t family, const char * ifname, uint8_t proto,

        in_addr_t rhost, in_addr_t iaddr,

        unsigned short eport, unsigned short iport,

        unsigned short rport, const char * descr, const char *handle);

struct nftnl_rule *

rule_set_filter6(uint8_t family, const char * ifname, uint8_t proto,

        struct in6_addr *rhost6, struct in6_addr *iaddr6,

        unsigned short eport, unsigned short iport,

        unsigned short rport, const char *descr, const char *handle);

struct nftnl_rule *

rule_set_filter_common(struct nftnl_rule *r, uint8_t family, const char * ifname,

        uint8_t proto, unsigned short eport, unsigned short iport,

        unsigned short rport, const char *descr, const char *handle);

struct nftnl_rule *rule_del_handle(rule_t *r);

int refresh_nft_cache_filter(void);

int refresh_nft_cache_redirect(void);

int refresh_nft_cache_peer(void);

int refresh_nft_cache(struct rule_list *head, const char *table, const char *chain, uint32_t family, enum rule_type type);


int

table_op(enum nf_tables_msg_types op, uint16_t family, const char * name);

int

chain_op(enum nf_tables_msg_types op, uint16_t family, const char * table,

         const char * name, const char * type, uint32_t hooknum, signed int priority );


struct mnl_nlmsg_batch *

start_batch( char *buf, size_t buf_size);

int

send_batch(struct mnl_nlmsg_batch * batch);

descr
const char * descr
Definition cpu_power_test.cpp:29

head_peer
struct rule_list head_peer
Definition nftnlrdr_misc.c:80

head_filter
struct rule_list head_filter
Definition nftnlrdr_misc.c:76

nft_postrouting_chain
const char * nft_postrouting_chain
Definition nftnlrdr_misc.c:68

head_redirect
struct rule_list head_redirect
Definition nftnlrdr_misc.c:78

nft_prerouting_chain
const char * nft_prerouting_chain
Definition nftnlrdr_misc.c:67

nft_forward_chain
const char * nft_forward_chain
Definition nftnlrdr_misc.c:69

nft_table
const char * nft_table
Definition nftnlrdr_misc.c:66

refresh_nft_cache_filter
int refresh_nft_cache_filter(void)
Definition nftnlrdr_misc.c:618

rule_chain_type
rule_chain_type
Definition nftnlrdr_misc.h:45

RULE_CHAIN_REDIRECT
@ RULE_CHAIN_REDIRECT
Definition nftnlrdr_misc.h:48

RULE_CHAIN_FILTER
@ RULE_CHAIN_FILTER
Definition nftnlrdr_misc.h:46

RULE_CHAIN_PEER
@ RULE_CHAIN_PEER
Definition nftnlrdr_misc.h:47

rule_set_filter_common
struct nftnl_rule * rule_set_filter_common(struct nftnl_rule *r, uint8_t family, const char *ifname, uint8_t proto, unsigned short eport, unsigned short iport, unsigned short rport, const char *descr, const char *handle)
Definition nftnlrdr_misc.c:1093

LIST_HEAD
LIST_HEAD(rule_list, rule_t)

refresh_nft_cache_redirect
int refresh_nft_cache_redirect(void)
Definition nftnlrdr_misc.c:640

nft_send_rule
int nft_send_rule(struct nftnl_rule *rule, uint16_t cmd, enum rule_chain_type type)
Definition nftnlrdr_misc.c:1187

rule_set_filter6
struct nftnl_rule * rule_set_filter6(uint8_t family, const char *ifname, uint8_t proto, struct in6_addr *rhost6, struct in6_addr *iaddr6, unsigned short eport, unsigned short iport, unsigned short rport, const char *descr, const char *handle)
Definition nftnlrdr_misc.c:1052

send_batch
int send_batch(struct mnl_nlmsg_batch *batch)
Definition nftnlrdr_misc.c:1366

rule_set_snat
struct nftnl_rule * rule_set_snat(uint8_t family, uint8_t proto, in_addr_t rhost, unsigned short rport, in_addr_t ehost, unsigned short eport, in_addr_t ihost, unsigned short iport, const char *descr, const char *handle)
Definition nftnlrdr_misc.c:862

rule_del_handle
struct nftnl_rule * rule_del_handle(rule_t *r)
Definition nftnlrdr_misc.c:1151

refresh_nft_cache_peer
int refresh_nft_cache_peer(void)
Definition nftnlrdr_misc.c:629

nft_mnl_disconnect
void nft_mnl_disconnect(void)
Definition nftnlrdr_misc.c:108

nft_mnl_connect
int nft_mnl_connect(void)
Definition nftnlrdr_misc.c:91

rule_set_dnat
struct nftnl_rule * rule_set_dnat(uint8_t family, const char *ifname, uint8_t proto, in_addr_t rhost, unsigned short eport, in_addr_t ihost, uint32_t iport, const char *descr, const char *handle)
Definition nftnlrdr_misc.c:938

rule_type
rule_type
Definition nftnlrdr_misc.h:38

RULE_FILTER
@ RULE_FILTER
Definition nftnlrdr_misc.h:41

RULE_NAT
@ RULE_NAT
Definition nftnlrdr_misc.h:40

RULE_NONE
@ RULE_NONE
Definition nftnlrdr_misc.h:39

RULE_COUNTER
@ RULE_COUNTER
Definition nftnlrdr_misc.h:42

table_op
int table_op(enum nf_tables_msg_types op, uint16_t family, const char *name)
Definition nftnlrdr_misc.c:1228

refresh_nft_cache
int refresh_nft_cache(struct rule_list *head, const char *table, const char *chain, uint32_t family, enum rule_type type)
Definition nftnlrdr_misc.c:677

rule_set_filter
struct nftnl_rule * rule_set_filter(uint8_t family, const char *ifname, uint8_t proto, in_addr_t rhost, in_addr_t iaddr, unsigned short eport, unsigned short iport, unsigned short rport, const char *descr, const char *handle)
Definition nftnlrdr_misc.c:1010

start_batch
struct mnl_nlmsg_batch * start_batch(char *buf, size_t buf_size)
Definition nftnlrdr_misc.c:1337

chain_op
int chain_op(enum nf_tables_msg_types op, uint16_t family, const char *table, const char *name, const char *type, uint32_t hooknum, signed int priority)
Definition nftnlrdr_misc.c:1276

rule_reg_type
rule_reg_type
Definition nftnlrdr_misc.h:20

RULE_REG_TCP_SD_PORT
@ RULE_REG_TCP_SD_PORT
Definition nftnlrdr_misc.h:33

RULE_REG_IP6_DEST_ADDR
@ RULE_REG_IP6_DEST_ADDR
Definition nftnlrdr_misc.h:28

RULE_REG_IP_SRC_ADDR
@ RULE_REG_IP_SRC_ADDR
Definition nftnlrdr_misc.h:24

RULE_REG_IP_PROTO
@ RULE_REG_IP_PROTO
Definition nftnlrdr_misc.h:30

RULE_REG_IMM_VAL
@ RULE_REG_IMM_VAL
Definition nftnlrdr_misc.h:34

RULE_REG_NONE
@ RULE_REG_NONE
Definition nftnlrdr_misc.h:21

RULE_REG_IP_SD_ADDR
@ RULE_REG_IP_SD_ADDR
Definition nftnlrdr_misc.h:26

RULE_REG_TCP_DPORT
@ RULE_REG_TCP_DPORT
Definition nftnlrdr_misc.h:32

RULE_REG_IP6_PROTO
@ RULE_REG_IP6_PROTO
Definition nftnlrdr_misc.h:31

RULE_REG_OIF
@ RULE_REG_OIF
Definition nftnlrdr_misc.h:23

RULE_REG_IP6_SD_ADDR
@ RULE_REG_IP6_SD_ADDR
Definition nftnlrdr_misc.h:29

RULE_REG_IIF
@ RULE_REG_IIF
Definition nftnlrdr_misc.h:22

RULE_REG_IP6_SRC_ADDR
@ RULE_REG_IP6_SRC_ADDR
Definition nftnlrdr_misc.h:27

RULE_REG_IP_DEST_ADDR
@ RULE_REG_IP_DEST_ADDR
Definition nftnlrdr_misc.h:25

RULE_REG_MAX
@ RULE_REG_MAX
Definition nftnlrdr_misc.h:35

name
const char * name
Definition options.c:30

buf
const char * buf
Definition slow_memmem.cpp:73

uint16_t
unsigned short uint16_t
Definition stdint.h:125

uint32_t
unsigned int uint32_t
Definition stdint.h:126

uint8_t
unsigned char uint8_t
Definition stdint.h:124

uint64_t
unsigned __int64 uint64_t
Definition stdint.h:136

rule_t
Definition nftnlrdr_misc.h:51

rule_t::family
uint32_t family
Definition nftnlrdr_misc.h:59

rule_t::bytes
uint64_t bytes
Definition nftnlrdr_misc.h:76

rule_t::desc_len
uint32_t desc_len
Definition nftnlrdr_misc.h:78

rule_t::chain
char * chain
Definition nftnlrdr_misc.h:54

rule_t::egress_ifidx
uint32_t egress_ifidx
Definition nftnlrdr_misc.h:61

rule_t::eport
uint16_t eport
Definition nftnlrdr_misc.h:67

rule_t::nat_type
uint32_t nat_type
Definition nftnlrdr_misc.h:57

rule_t::packets
uint64_t packets
Definition nftnlrdr_misc.h:75

rule_t::reg2_type
enum rule_reg_type reg2_type
Definition nftnlrdr_misc.h:72

rule_t::iport
uint16_t iport
Definition nftnlrdr_misc.h:68

rule_t::desc
char * desc
Definition nftnlrdr_misc.h:77

rule_t::reg1_type
enum rule_reg_type reg1_type
Definition nftnlrdr_misc.h:71

rule_t::filter_action
uint32_t filter_action
Definition nftnlrdr_misc.h:58

rule_t::reg1_val
uint32_t reg1_val
Definition nftnlrdr_misc.h:73

rule_t::rhost6
struct in6_addr rhost6
Definition nftnlrdr_misc.h:66

rule_t::proto
uint8_t proto
Definition nftnlrdr_misc.h:70

rule_t::type
enum rule_type type
Definition nftnlrdr_misc.h:56

rule_t::rhost
in_addr_t rhost
Definition nftnlrdr_misc.h:64

rule_t::reg2_val
uint32_t reg2_val
Definition nftnlrdr_misc.h:74

rule_t::ingress_ifidx
uint32_t ingress_ifidx
Definition nftnlrdr_misc.h:60

rule_t::LIST_ENTRY
LIST_ENTRY(rule_t) entry

rule_t::iaddr
in_addr_t iaddr
Definition nftnlrdr_misc.h:63

rule_t::handle
uint64_t handle
Definition nftnlrdr_misc.h:55

rule_t::table
char * table
Definition nftnlrdr_misc.h:53

rule_t::iaddr6
struct in6_addr iaddr6
Definition nftnlrdr_misc.h:65

rule_t::rport
uint16_t rport
Definition nftnlrdr_misc.h:69

rule_t::eaddr
in_addr_t eaddr
Definition nftnlrdr_misc.h:62

ifname
static const char * ifname
Definition testipfwrdr.c:17