release/src-rt-6.x.4708/router/miniupnpd/netfilter_nft/nftnlrdr_misc.h

   1 /*
   2  * MiniUPnP project
   3  * http://miniupnp.free.fr/ or http://miniupnp.tuxfamily.org/
   4  * (c) 2015 Tomofumi Hayashi
   5  *
   6  * This software is subject to the conditions detailed
   7  * in the LICENCE file provided within the distribution.
   8  */
   9 #include <sys/queue.h>
  10
  11 #define NFT_TABLE_NAT  "nat"
  12 #define NFT_TABLE_FILTER  "filter"
  13
  14 enum rule_reg_type {
  15         RULE_REG_NONE,
  16         RULE_REG_IIF,
  17         RULE_REG_OIF,
  18         RULE_REG_IP_SRC_ADDR,
  19         RULE_REG_IP_DEST_ADDR,
  20         RULE_REG_IP_SD_ADDR, /* source & dest */
  21         RULE_REG_IP_PROTO,
  22         RULE_REG_TCP_DPORT,
  23         RULE_REG_TCP_SD_PORT, /* source & dest */
  24         RULE_REG_IMM_VAL,
  25         RULE_REG_MAX,
  26 };
  27
  28 enum rule_type {
  29         RULE_NONE,
  30         RULE_NAT,
  31         RULE_SNAT,
  32         RULE_FILTER,
  33         RULE_COUNTER,
  34 };
  35
  36 typedef struct rule_ {
  37         LIST_ENTRY(rule_t) entry;
  38         char * table;
  39         char * chain;
  40         uint64_t handle;
  41         enum rule_type type;
  42         uint32_t nat_type;
  43         uint32_t filter_action;
  44         uint32_t family;
  45         uint32_t ingress_ifidx;
  46         uint32_t egress_ifidx;
  47         in_addr_t eaddr;
  48         in_addr_t iaddr;
  49         in_addr_t rhost;
  50         uint16_t eport;
  51         uint16_t iport;
  52         uint16_t rport;
  53         uint8_t proto;
  54         enum rule_reg_type reg1_type;
  55         enum rule_reg_type reg2_type;
  56         uint32_t reg1_val;
  57         uint32_t reg2_val;
  58         uint64_t packets;
  59         uint64_t bytes;
  60         char *desc;
  61 } rule_t;
  62
  63 LIST_HEAD(rule_list, rule_);
  64 extern struct rule_list head;
  65 extern rule_t **peer_cache;
  66 extern rule_t **redirect_cache;
  67
  68 int
  69 nft_send_request(struct nft_rule * rule, uint16_t cmd);
  70 struct nft_rule *
  71 rule_set_dnat(uint8_t family, const char * ifname, uint8_t proto,
  72               in_addr_t rhost, unsigned short eport,
  73               in_addr_t ihost, uint32_t iport,
  74               const char *descr,
  75               const char *handle);
  76 struct nft_rule *
  77 rule_set_snat(uint8_t family, uint8_t proto,
  78               in_addr_t rhost, unsigned short rport,
  79               in_addr_t ehost, unsigned short eport,
  80               in_addr_t ihost, unsigned short iport,
  81               const char *descr,
  82               const char *handle);
  83 struct nft_rule *
  84 rule_set_filter(uint8_t family, const char * ifname, uint8_t proto,
  85                 in_addr_t rhost, in_addr_t iaddr, unsigned short eport,
  86                 unsigned short iport, const char * descr, const char *handle);
  87 struct nft_rule *
  88 rule_del_handle(rule_t *r);
  89 void
  90 reflesh_nft_cache(uint32_t family);
  91 void print_rule(rule_t *r);