2 * Copyright (C) 1997-2001 by Darren Reed.
4 * See the IPFILTER.LICENCE file for details on licencing.
6 * $Id: ip_proxy.h,v 2.8.2.13 2002/07/04 11:07:37 darrenr Exp $
7 * $FreeBSD: src/sys/contrib/ipfilter/netinet/ip_proxy.h,v 1.9.2.5 2003/03/01 03:55:54 darrenr Exp $
8 * $DragonFly: src/sys/contrib/ipfilter/netinet/ip_proxy.h,v 1.3 2003/08/27 11:02:14 rob Exp $
11 #ifndef __IP_PROXY_H__
12 #define __IP_PROXY_H__
15 #define SOLARIS (defined(sun) && (defined(__svr4__) || defined(__SVR4)))
19 #define APR_LABELLEN 16
21 #define AP_SESS_SIZE 53
26 typedef struct ap_tcp
{
27 u_short apt_sport
; /* source port */
28 u_short apt_dport
; /* destination port */
29 short apt_sel
[2]; /* {seq,ack}{off,min} set selector */
30 short apt_seqoff
[2]; /* sequence # difference */
31 tcp_seq apt_seqmin
[2]; /* don't change seq-off until after this */
32 short apt_ackoff
[2]; /* sequence # difference */
33 tcp_seq apt_ackmin
[2]; /* don't change seq-off until after this */
34 u_char apt_state
[2]; /* connection state */
37 typedef struct ap_udp
{
38 u_short apu_sport
; /* source port */
39 u_short apu_dport
; /* destination port */
42 typedef struct ap_session
{
43 struct aproxy
*aps_apr
;
45 struct ap_tcp apu_tcp
;
46 struct ap_udp apu_udp
;
49 U_QUAD_T aps_bytes
; /* bytes sent */
50 U_QUAD_T aps_pkts
; /* packets sent */
51 void *aps_nat
; /* pointer back to nat struct */
52 void *aps_data
; /* private data */
53 int aps_p
; /* protocol */
54 int aps_psiz
; /* size of private data */
55 struct ap_session
*aps_hnext
;
56 struct ap_session
*aps_next
;
59 #define aps_sport aps_un.apu_tcp.apt_sport
60 #define aps_dport aps_un.apu_tcp.apt_dport
61 #define aps_sel aps_un.apu_tcp.apt_sel
62 #define aps_seqoff aps_un.apu_tcp.apt_seqoff
63 #define aps_seqmin aps_un.apu_tcp.apt_seqmin
64 #define aps_state aps_un.apu_tcp.apt_state
65 #define aps_ackoff aps_un.apu_tcp.apt_ackoff
66 #define aps_ackmin aps_un.apu_tcp.apt_ackmin
69 typedef struct aproxy
{
70 struct aproxy
*apr_next
;
71 char apr_label
[APR_LABELLEN
]; /* Proxy label # */
72 u_char apr_p
; /* protocol */
73 int apr_ref
; /* +1 per rule referencing it */
75 int (* apr_init
) (void);
76 void (* apr_fini
) (void);
77 int (* apr_new
) (fr_info_t
*, ip_t
*,
78 ap_session_t
*, struct nat
*);
79 void (* apr_del
) (ap_session_t
*);
80 int (* apr_inpkt
) (fr_info_t
*, ip_t
*,
81 ap_session_t
*, struct nat
*);
82 int (* apr_outpkt
) (fr_info_t
*, ip_t
*,
83 ap_session_t
*, struct nat
*);
84 int (* apr_match
) (fr_info_t
*, ap_session_t
*, struct nat
*);
89 #define APR_ERR(x) (((x) & 0xffff) << 16)
90 #define APR_EXIT(x) (((x) >> 16) & 0xffff)
91 #define APR_INC(x) ((x) & 0xffff)
97 typedef struct ftpside
{
105 char ftps_buf
[FTP_BUFSZ
];
108 typedef struct ftpinfo
{
111 ftpside_t ftp_side
[2];
115 * Real audio proxy structure and #defines
117 typedef struct raudio_s
{
121 int rap_eos
; /* End Of Startup */
130 u_32_t rap_sbf
; /* flag to indicate which of the 19 bytes have
138 #define RA_ID_ROBUST 7
141 #define RAP_M_ROBUST 2
143 #define RAP_M_UDP_ROBUST (RAP_M_UDP|RAP_M_ROBUST)
148 typedef u_32_t ipsec_cookie_t
[2];
150 typedef struct ipsec_pxy
{
151 ipsec_cookie_t ipsc_icookie
;
152 ipsec_cookie_t ipsc_rcookie
;
156 ipstate_t
*ipsc_state
;
159 extern ap_session_t
*ap_sess_tab
[AP_SESS_SIZE
];
160 extern ap_session_t
*ap_sess_list
;
161 extern aproxy_t ap_proxies
[];
162 extern int ippr_ftp_pasvonly
;
164 extern int appr_add (aproxy_t
*);
165 extern int appr_del (aproxy_t
*);
166 extern int appr_init (void);
167 extern void appr_unload (void);
168 extern int appr_ok (ip_t
*, tcphdr_t
*, struct ipnat
*);
169 extern int appr_match (fr_info_t
*, struct nat
*);
170 extern void appr_free (aproxy_t
*);
171 extern void aps_free (ap_session_t
*);
172 extern int appr_check (ip_t
*, fr_info_t
*, struct nat
*);
173 extern aproxy_t
*appr_lookup (u_int
, char *);
174 extern int appr_new (fr_info_t
*, ip_t
*, struct nat
*);
176 #endif /* __IP_PROXY_H__ */