2 * firewall3 - 3rd OpenWrt UCI firewall implementation
4 * Copyright (C) 2013 Jo-Philipp Wich <jow@openwrt.org>
6 * Permission to use, copy, modify, and/or distribute this software for any
7 * purpose with or without fee is hereby granted, provided that the above
8 * copyright notice and this permission notice appear in all copies.
10 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
11 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
12 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
13 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
14 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
32 #include <libubox/list.h>
36 #define FW3_STATEFILE "/var/run/fw3.state"
37 #define FW3_LOCKFILE "/var/run/fw3.lock"
38 #define FW3_HOTPLUG "/sbin/hotplug-call"
40 extern bool fw3_pr_debug;
42 void warn_elem(struct uci_element *e, const char *format, ...);
43 void warn(const char *format, ...);
44 void error(const char *format, ...);
45 void info(const char *format, ...);
47 #define setbit(field, flag) field |= (1 << (flag))
48 #define delbit(field, flag) field &= ~(1 << (flag))
49 #define hasbit(field, flag) (field & (1 << (flag)))
51 #define set(field, family, flag) setbit(field[family == FW3_FAMILY_V6], flag)
52 #define del(field, family, flag) delbit(field[family == FW3_FAMILY_V6], flag)
53 #define has(field, family, flag) hasbit(field[family == FW3_FAMILY_V6], flag)
55 #define fw3_foreach(p, h) \
56 for (p = list_empty(h) ? NULL : list_first_entry(h, typeof(*p), list); \
57 list_empty(h) ? (p == NULL) : (&p->list != (h)); \
58 p = list_empty(h) ? list_first_entry(h, typeof(*p), list) \
59 : list_entry(p->list.next, typeof(*p), list))
61 #define fw3_is_family(p, f) \
62 (!p || (p)->family == FW3_FAMILY_ANY || (p)->family == f)
64 #define fw3_no_family(flags) \
65 (!(flags & ((1 << FW3_FAMILY_V4) | (1 << FW3_FAMILY_V6))))
67 #define fw3_no_table(flags) \
68 (!(flags & ((1<<FW3_TABLE_FILTER)|(1<<FW3_TABLE_NAT)| \
69 (1<<FW3_TABLE_MANGLE)|(1<<FW3_TABLE_RAW))))
72 const char * fw3_find_command(const char *cmd);
74 bool fw3_stdout_pipe(void);
75 bool __fw3_command_pipe(bool silent, const char *command, ...);
76 #define fw3_command_pipe(...) __fw3_command_pipe(__VA_ARGS__, NULL)
78 void fw3_command_close(void);
79 void fw3_pr(const char *fmt, ...);
81 bool fw3_has_table(bool ipv6, const char *table);
84 void fw3_unlock(void);
87 enum fw3_statefile_type
89 FW3_TYPE_DEFAULTS = 0,
95 bool fw3_read_statefile(void *state);
96 void fw3_write_statefile(void *state);
98 void fw3_set_running(void *object, struct list_head *dest);
100 void fw3_free_object(void *obj, const void *opts);
103 struct fw3_rule_spec {
110 bool fw3_pr_rulespec(int table, int family, uint32_t *flags, uint32_t mask,
111 const struct fw3_rule_spec *r, const char *fmt, ...);
113 bool fw3_hotplug(bool add, void *zone, void *device);