1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
|
/*
* netifd - network interface daemon
* Copyright (C) 2012 Felix Fietkau <nbd@openwrt.org>
* Copyright (C) 2013 Jo-Philipp Wich <jow@openwrt.org>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2
* as published by the Free Software Foundation
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*/
#ifndef __IPRULE_H
#define __IPRULE_H
#include "interface-ip.h"
#define IPRULE_PRIORITY_ADDR 10000
#define IPRULE_PRIORITY_ADDR_MASK 20000
#define IPRULE_PRIORITY_NW 90000
#define IPRULE_PRIORITY_REJECT 4200000000
enum iprule_flags {
/* address family for rule */
IPRULE_INET4 = (0 << 0),
IPRULE_INET6 = (1 << 0),
IPRULE_FAMILY = IPRULE_INET4 | IPRULE_INET6,
/* rule specifies input device */
IPRULE_IN = (1 << 2),
/* rule specifies output device */
IPRULE_OUT = (1 << 3),
/* rule specifies src */
IPRULE_SRC = (1 << 4),
/* rule specifies dest */
IPRULE_DEST = (1 << 5),
/* rule specifies priority */
IPRULE_PRIORITY = (1 << 6),
/* rule specifies diffserv/tos */
IPRULE_TOS = (1 << 7),
/* rule specifies fwmark */
IPRULE_FWMARK = (1 << 8),
/* rule specifies fwmask */
IPRULE_FWMASK = (1 << 9),
/* rule performs table lookup */
IPRULE_LOOKUP = (1 << 10),
/* rule performs routing action */
IPRULE_ACTION = (1 << 11),
/* rule is a goto */
IPRULE_GOTO = (1 << 12),
/* rule suppresses results by prefix length */
IPRULE_SUP_PREFIXLEN = (1 << 13),
/* rule specifies uidrange */
IPRULE_UIDRANGE = (1 << 14),
};
struct iprule {
struct vlist_node node;
unsigned int order;
/* to receive interface events */
struct interface_user in_iface_user;
struct interface_user out_iface_user;
/* device name */
char in_dev[IFNAMSIZ];
char out_dev[IFNAMSIZ];
/* everything below is used as avl tree key */
/* don't change the order */
/* uci interface name */
char *in_iface;
char *out_iface;
enum iprule_flags flags;
bool invert;
unsigned int src_mask;
union if_addr src_addr;
unsigned int dest_mask;
union if_addr dest_addr;
unsigned int priority;
unsigned int tos;
unsigned int fwmark;
unsigned int fwmask;
unsigned int lookup;
unsigned int sup_prefixlen;
unsigned int uidrange_start;
unsigned int uidrange_end;
unsigned int action;
unsigned int gotoid;
};
extern struct vlist_tree iprules;
extern const struct uci_blob_param_list rule_attr_list;
void iprule_add(struct blob_attr *attr, bool v6);
void iprule_update_start(void);
void iprule_update_complete(void);
#endif
|
