#include <unistd.h>
#include <signal.h>
#include <fcntl.h>
+#include <limits.h>
#include <sys/stat.h>
#include <sys/wait.h>
#include <sys/file.h>
#define FW3_STATEFILE "/var/run/fw3.state"
#define FW3_LOCKFILE "/var/run/fw3.lock"
+#define FW3_HOTPLUG "/sbin/hotplug-call"
extern bool fw3_pr_debug;
#define delbit(field, flag) field &= ~(1 << (flag))
#define hasbit(field, flag) (field & (1 << (flag)))
+#define set(field, family, flag) setbit(field[family == FW3_FAMILY_V6], flag)
+#define del(field, family, flag) delbit(field[family == FW3_FAMILY_V6], flag)
+#define has(field, family, flag) hasbit(field[family == FW3_FAMILY_V6], flag)
+
#define fw3_foreach(p, h) \
for (p = list_empty(h) ? NULL : list_first_entry(h, typeof(*p), list); \
list_empty(h) ? (p == NULL) : (&p->list != (h)); \
#define fw3_is_family(p, f) \
(!p || (p)->family == FW3_FAMILY_ANY || (p)->family == f)
+#define fw3_no_family(flags) \
+ (!(flags & ((1 << FW3_FAMILY_V4) | (1 << FW3_FAMILY_V6))))
+
+#define fw3_no_table(flags) \
+ (!(flags & ((1<<FW3_TABLE_FILTER)|(1<<FW3_TABLE_NAT)| \
+ (1<<FW3_TABLE_MANGLE)|(1<<FW3_TABLE_RAW))))
+
+
const char * fw3_find_command(const char *cmd);
bool fw3_stdout_pipe(void);
{
FW3_TYPE_DEFAULTS = 0,
FW3_TYPE_ZONE = 1,
- FW3_TYPE_IPSET = 2,
+ FW3_TYPE_NETWORK = 2,
+ FW3_TYPE_IPSET = 3,
};
bool fw3_read_statefile(void *state);
void fw3_free_object(void *obj, const void *opts);
+
+struct fw3_rule_spec {
+ int family;
+ int table;
+ int flag;
+ const char *format;
+};
+
+bool fw3_pr_rulespec(int table, int family, uint32_t *flags, uint32_t mask,
+ const struct fw3_rule_spec *r, const char *fmt, ...);
+
+bool fw3_hotplug(bool add, void *zone, void *device);
+
#endif
projects / project / firewall3.git / blobdiff