ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync/* lint -save -library Flexelint comment for external headers */
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * Copyright (c) 2001 Charles Mott <cm@linktel.net>
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * All rights reserved.
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * Redistribution and use in source and binary forms, with or without
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * modification, are permitted provided that the following conditions
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * 1. Redistributions of source code must retain the above copyright
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * notice, this list of conditions and the following disclaimer.
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * 2. Redistributions in binary form must reproduce the above copyright
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * notice, this list of conditions and the following disclaimer in the
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * documentation and/or other materials provided with the distribution.
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * SUCH DAMAGE.
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * $FreeBSD: src/sys/netinet/libalias/alias.h,v 1.34.8.1 2009/04/15 03:14:26 kensmith Exp $
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * Alias.h defines the outside world interfaces for the packet aliasing
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * software.
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * This software is placed into the public domain with no restrictions on its
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * distribution.
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * The kernel version of libalias does not support these features.
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * The external interface to libalias, the packet aliasing engine.
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * There are two sets of functions:
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * PacketAlias*() the old API which doesn't take an instance pointer
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * and therefore can only have one packet engine at a time.
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * LibAlias*() the new API which takes as first argument a pointer to
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * the instance of the packet aliasing engine.
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * The functions otherwise correspond to each other one for one, except
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * for the LibAliasUnaliasOut()/PacketUnaliasOut() function which were
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * were misnamed in the old API.
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * The instance structure
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync/* XXX: used only for browsing */
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * An anonymous structure, a pointer to which is returned from
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * PacketAliasRedirectAddr(), PacketAliasRedirectPort() or
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * PacketAliasRedirectProto(), passed to PacketAliasAddServer(),
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * and freed by PacketAliasRedirectDelete().
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync/* OLD API */
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync/* Initialization and control functions. */
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsyncvoid PacketAliasSetFWBase(unsigned int _base, unsigned int _num);
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsyncunsigned int
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync PacketAliasSetMode(unsigned int _flags, unsigned int _mask);
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync/* Packet Handling functions. */
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsyncint PacketUnaliasOut(char *_ptr, int _maxpacketsize);
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync/* Port and address redirection functions. */
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsyncint PacketAliasRedirectDynamic(struct alias_link *_lnk);
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsyncvoid PacketAliasRedirectDelete(struct alias_link *_lnk);
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync unsigned short _src_port, struct in_addr _dst_addr,
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync unsigned short _dst_port, struct in_addr _alias_addr,
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync struct in_addr _dst_addr, struct in_addr _alias_addr,
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync unsigned char _proto);
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync/* Fragment Handling functions. */
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsyncvoid PacketAliasFragmentIn(char *_ptr, char *_ptr_fragment);
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync/* Miscellaneous functions. */
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsyncunsigned short
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync PacketAliasInternetChecksum(unsigned short *_ptr, int _nbytes);
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsyncvoid PacketAliasSetTarget(struct in_addr _target_addr);
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync/* Transparent proxying routines. */
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync/* NEW API */
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync/* Initialization and control functions. */
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsyncstruct libalias *LibAliasInit(PNATState, struct libalias *);
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsyncvoid LibAliasSetAddress(struct libalias *, struct in_addr _addr);
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsyncvoid LibAliasSetFWBase(struct libalias *, unsigned int _base, unsigned int _num);
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsyncvoid LibAliasSetSkinnyPort(struct libalias *, unsigned int _port);
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsyncunsigned int
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync LibAliasSetMode(struct libalias *, unsigned int _flags, unsigned int _mask);
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync/* Packet Handling functions. */
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsyncint LibAliasIn (struct libalias *, char *_ptr, int _maxpacketsize);
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsyncint LibAliasOut(struct libalias *, char *_ptr, int _maxpacketsize);
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsyncint LibAliasOutTry(struct libalias *, char *_ptr, int _maxpacketsize, int _create);
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsyncint LibAliasUnaliasOut(struct libalias *, char *_ptr, int _maxpacketsize);
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync/* Port and address redirection functions. */
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsyncLibAliasAddServer(struct libalias *, struct alias_link *_lnk,
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsyncLibAliasRedirectAddr(struct libalias *, struct in_addr _src_addr,
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsyncint LibAliasRedirectDynamic(struct libalias *, struct alias_link *_lnk);
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsyncvoid LibAliasRedirectDelete(struct libalias *, struct alias_link *_lnk);
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsyncLibAliasRedirectPort(struct libalias *, struct in_addr _src_addr,
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync unsigned short _src_port, struct in_addr _dst_addr,
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync unsigned short _dst_port, struct in_addr _alias_addr,
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsyncLibAliasRedirectProto(struct libalias *, struct in_addr _src_addr,
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync struct in_addr _dst_addr, struct in_addr _alias_addr,
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync unsigned char _proto);
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync/* Fragment Handling functions. */
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsyncvoid LibAliasFragmentIn(struct libalias *, char *_ptr, char *_ptr_fragment);
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsyncchar *LibAliasGetFragment(struct libalias *, char *_ptr);
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsyncint LibAliasSaveFragment(struct libalias *, char *_ptr);
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync/* Miscellaneous functions. */
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsyncunsigned short
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync LibAliasInternetChecksum(struct libalias *, unsigned short *_ptr, int _nbytes);
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsyncvoid LibAliasSetTarget(struct libalias *, struct in_addr _target_addr);
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync/* Transparent proxying routines. */
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsyncint LibAliasProxyRule(struct libalias *, const char *_cmd);
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync/* Module handling API */
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync/* Mbuf helper function. */
6de922ee8158732706074aacb20c2a5dc6d4d7a3vboxsyncstruct mbuf *m_megapullup(PNATState, struct mbuf *, int);
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * Mode flags and other constants.
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync/* Mode flags, set using PacketAliasSetMode() */
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * If PKT_ALIAS_LOG is set, a message will be printed to /var/log/alias.log
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * every time a link is created or deleted. This is useful for debugging.
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * If PKT_ALIAS_DENY_INCOMING is set, then incoming connections (e.g. to ftp,
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * telnet or web servers will be prevented by the aliasing mechanism.
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * If PKT_ALIAS_SAME_PORTS is set, packets will be attempted sent from the
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * same port as they originated on. This allows e.g. rsh to work *99% of the
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * time*, but _not_ 100% (it will be slightly flakey instead of not working
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * at all). This mode bit is set by PacketAliasInit(), so it is a default
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * mode of operation.
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * If PKT_ALIAS_USE_SOCKETS is set, then when partially specified links (e.g.
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * destination port and/or address is zero), the packet aliasing engine will
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * attempt to allocate a socket for the aliasing port it chooses. This will
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * avoid interference with the host machine. Fully specified links do not
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * require this. This bit is set after a call to PacketAliasInit(), so it is
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * a default mode of operation.
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * If PKT_ALIAS_UNREGISTERED_ONLY is set, then only packets with
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * unregistered source addresses will be aliased. Private
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * addresses are those in the following ranges:
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * 10.0.0.0 -> 10.255.255.255
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * 172.16.0.0 -> 172.31.255.255
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * 192.168.0.0 -> 192.168.255.255
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * If PKT_ALIAS_RESET_ON_ADDR_CHANGE is set, then the table of dynamic
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * aliasing links will be reset whenever PacketAliasSetAddress() changes the
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * default aliasing address. If the default aliasing address is left
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * unchanged by this function call, then the table of dynamic aliasing links
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * will be left intact. This bit is set after a call to PacketAliasInit().
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * If PKT_ALIAS_PUNCH_FW is set, active FTP and IRC DCC connections will
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * create a 'hole' in the firewall to allow the transfers to work. The
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * ipfw rule number that the hole is created with is controlled by
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * PacketAliasSetFWBase(). The hole will be attached to that
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * particular alias_link, so when the link goes away the hole is deleted.
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * If PKT_ALIAS_PROXY_ONLY is set, then NAT will be disabled and only
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * transparent proxying is performed.
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * If PKT_ALIAS_REVERSE is set, the actions of PacketAliasIn() and
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync * PacketAliasOut() are reversed.
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync/* Function return codes. */
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync#endif /* !_ALIAS_H_ */
ae9ed83297460a052aeae98394d473e83aeafd1fvboxsync/* lint -restore */