X-Git-Url: http://git.archive.openwrt.org/?p=project%2Ffirewall3.git;a=blobdiff_plain;f=options.h;h=004eeeee1f8d63c8ff98b6dcbf712c242c978cbd;hp=c84fd289f65b48a31e8bcce93506a2f3113cb215;hb=2bcf21ee2e44e9e4158ae4a36a5d73832cd99587;hpb=6da847c446c29c349b0edd757c1afd529565c619 diff --git a/options.h b/options.h index c84fd28..004eeee 100644 --- a/options.h +++ b/options.h @@ -68,16 +68,17 @@ enum fw3_flag FW3_FLAG_REJECT = 7, FW3_FLAG_DROP = 8, FW3_FLAG_NOTRACK = 9, - FW3_FLAG_DNAT = 10, - FW3_FLAG_SNAT = 11, - FW3_FLAG_SRC_ACCEPT = 12, - FW3_FLAG_SRC_REJECT = 13, - FW3_FLAG_SRC_DROP = 14, - FW3_FLAG_CUSTOM_CHAINS = 15, - FW3_FLAG_SYN_FLOOD = 16, - FW3_FLAG_MTU_FIX = 17, - FW3_FLAG_DROP_INVALID = 18, - FW3_FLAG_HOTPLUG = 19, + FW3_FLAG_MARK = 10, + FW3_FLAG_DNAT = 11, + FW3_FLAG_SNAT = 12, + FW3_FLAG_SRC_ACCEPT = 13, + FW3_FLAG_SRC_REJECT = 14, + FW3_FLAG_SRC_DROP = 15, + FW3_FLAG_CUSTOM_CHAINS = 16, + FW3_FLAG_SYN_FLOOD = 17, + FW3_FLAG_MTU_FIX = 18, + FW3_FLAG_DROP_INVALID = 19, + FW3_FLAG_HOTPLUG = 20, __FW3_FLAG_MAX }; @@ -91,14 +92,21 @@ enum fw3_limit_unit FW3_LIMIT_UNIT_MINUTE = 1, FW3_LIMIT_UNIT_HOUR = 2, FW3_LIMIT_UNIT_DAY = 3, + + __FW3_LIMIT_UNIT_MAX }; +extern const char *fw3_limit_units[__FW3_LIMIT_UNIT_MAX]; + + enum fw3_ipset_method { FW3_IPSET_METHOD_UNSPEC = 0, FW3_IPSET_METHOD_BITMAP = 1, FW3_IPSET_METHOD_HASH = 2, FW3_IPSET_METHOD_LIST = 3, + + __FW3_IPSET_METHOD_MAX }; enum fw3_ipset_type @@ -109,14 +117,26 @@ enum fw3_ipset_type FW3_IPSET_TYPE_MAC = 3, FW3_IPSET_TYPE_NET = 4, FW3_IPSET_TYPE_SET = 5, + + __FW3_IPSET_TYPE_MAX }; +extern const char *fw3_ipset_method_names[__FW3_IPSET_METHOD_MAX]; +extern const char *fw3_ipset_type_names[__FW3_IPSET_TYPE_MAX]; + + enum fw3_include_type { FW3_INC_TYPE_SCRIPT = 0, FW3_INC_TYPE_RESTORE = 1, }; +enum fw3_reflection_source +{ + FW3_REFLECTION_INTERNAL = 0, + FW3_REFLECTION_EXTERNAL = 1, +}; + struct fw3_ipset_datatype { struct list_head list; @@ -132,7 +152,7 @@ struct fw3_device bool any; bool invert; char name[32]; - struct fw3_device *network; + char network[32]; }; struct fw3_address @@ -217,6 +237,14 @@ struct fw3_time uint8_t weekdays; /* bit 0 is invert + 1 .. 7 */ }; +struct fw3_mark +{ + bool set; + bool invert; + uint32_t mark; + uint32_t mask; +}; + struct fw3_defaults { enum fw3_flag policy_input; @@ -245,7 +273,6 @@ struct fw3_defaults struct fw3_zone { struct list_head list; - struct list_head running_list; bool enabled; const char *name; @@ -260,9 +287,6 @@ struct fw3_zone struct list_head devices; struct list_head subnets; - struct list_head running_networks; - struct list_head running_devices; - const char *extra_src; const char *extra_dest; @@ -312,8 +336,11 @@ struct fw3_rule struct fw3_limit limit; struct fw3_time time; + struct fw3_mark mark; enum fw3_flag target; + struct fw3_mark set_mark; + struct fw3_mark set_xmark; const char *extra; }; @@ -349,12 +376,14 @@ struct fw3_redirect struct fw3_port port_redir; struct fw3_time time; + struct fw3_mark mark; enum fw3_flag target; const char *extra; bool reflection; + enum fw3_reflection_source reflection_src; }; struct fw3_forward @@ -376,7 +405,6 @@ struct fw3_forward struct fw3_ipset { struct list_head list; - struct list_head running_list; bool enabled; const char *name; @@ -402,7 +430,6 @@ struct fw3_ipset struct fw3_include { struct list_head list; - struct list_head running_list; bool enabled; const char *name; @@ -410,6 +437,8 @@ struct fw3_include const char *path; enum fw3_include_type type; + + bool reload; }; struct fw3_state @@ -423,18 +452,22 @@ struct fw3_state struct list_head ipsets; struct list_head includes; - struct list_head running_zones; - struct list_head running_ipsets; - bool disable_ipsets; bool statefile; }; +struct fw3_chain_spec { + int family; + int table; + int flag; + const char *format; +}; + struct fw3_option { const char *name; - bool (*parse)(void *, const char *); + bool (*parse)(void *, const char *, bool); uintptr_t offset; size_t elem_size; }; @@ -446,46 +479,36 @@ struct fw3_option { name, fw3_parse_##parse, offsetof(struct fw3_##structure, member), \ sizeof(struct fw3_##structure) } - -bool fw3_parse_bool(void *ptr, const char *val); -bool fw3_parse_int(void *ptr, const char *val); -bool fw3_parse_string(void *ptr, const char *val); -bool fw3_parse_target(void *ptr, const char *val); -bool fw3_parse_limit(void *ptr, const char *val); -bool fw3_parse_device(void *ptr, const char *val); -bool fw3_parse_address(void *ptr, const char *val); -bool fw3_parse_mac(void *ptr, const char *val); -bool fw3_parse_port(void *ptr, const char *val); -bool fw3_parse_family(void *ptr, const char *val); -bool fw3_parse_icmptype(void *ptr, const char *val); -bool fw3_parse_protocol(void *ptr, const char *val); - -bool fw3_parse_ipset_method(void *ptr, const char *val); -bool fw3_parse_ipset_datatype(void *ptr, const char *val); - -bool fw3_parse_include_type(void *ptr, const char *val); - -bool fw3_parse_date(void *ptr, const char *val); -bool fw3_parse_time(void *ptr, const char *val); -bool fw3_parse_weekdays(void *ptr, const char *val); -bool fw3_parse_monthdays(void *ptr, const char *val); +bool fw3_parse_bool(void *ptr, const char *val, bool is_list); +bool fw3_parse_int(void *ptr, const char *val, bool is_list); +bool fw3_parse_string(void *ptr, const char *val, bool is_list); +bool fw3_parse_target(void *ptr, const char *val, bool is_list); +bool fw3_parse_limit(void *ptr, const char *val, bool is_list); +bool fw3_parse_device(void *ptr, const char *val, bool is_list); +bool fw3_parse_address(void *ptr, const char *val, bool is_list); +bool fw3_parse_network(void *ptr, const char *val, bool is_list); +bool fw3_parse_mac(void *ptr, const char *val, bool is_list); +bool fw3_parse_port(void *ptr, const char *val, bool is_list); +bool fw3_parse_family(void *ptr, const char *val, bool is_list); +bool fw3_parse_icmptype(void *ptr, const char *val, bool is_list); +bool fw3_parse_protocol(void *ptr, const char *val, bool is_list); + +bool fw3_parse_ipset_method(void *ptr, const char *val, bool is_list); +bool fw3_parse_ipset_datatype(void *ptr, const char *val, bool is_list); + +bool fw3_parse_include_type(void *ptr, const char *val, bool is_list); +bool fw3_parse_reflection_source(void *ptr, const char *val, bool is_list); + +bool fw3_parse_date(void *ptr, const char *val, bool is_list); +bool fw3_parse_time(void *ptr, const char *val, bool is_list); +bool fw3_parse_weekdays(void *ptr, const char *val, bool is_list); +bool fw3_parse_monthdays(void *ptr, const char *val, bool is_list); +bool fw3_parse_mark(void *ptr, const char *val, bool is_list); void fw3_parse_options(void *s, const struct fw3_option *opts, struct uci_section *section); -void fw3_format_in_out(struct fw3_device *in, struct fw3_device *out); -void fw3_format_src_dest(struct fw3_address *src, struct fw3_address *dest); -void fw3_format_sport_dport(struct fw3_port *sp, struct fw3_port *dp); -void fw3_format_mac(struct fw3_mac *mac); -void fw3_format_protocol(struct fw3_protocol *proto, enum fw3_family family); -void fw3_format_icmptype(struct fw3_icmptype *icmp, enum fw3_family family); -void fw3_format_limit(struct fw3_limit *limit); -void fw3_format_ipset(struct fw3_ipset *ipset, bool invert); -void fw3_format_time(struct fw3_time *time); - -void __fw3_format_comment(const char *comment, ...); -#define fw3_format_comment(...) __fw3_format_comment(__VA_ARGS__, NULL) - -void fw3_format_extra(const char *extra); +const char * fw3_address_to_string(struct fw3_address *address, + bool allow_invert); #endif