// L2TPNS Global Stuff
-// $Id: l2tpns.h,v 1.38 2004-11-27 05:19:53 bodea Exp $
+// $Id: l2tpns.h,v 1.43 2004-12-01 02:52:46 bodea Exp $
#ifndef __L2TPNS_H__
#define __L2TPNS_H__
#include <sys/types.h>
#include <libcli.h>
-#define VERSION "2.0.9"
+#define VERSION "2.0.11"
// Limits
#define MAXTUNNEL 500 // could be up to 65535
u16 snoop_port;
int throttle_in;
int throttle_out;
+ int filter_in;
+ int filter_out;
};
#define CLI_SESS_KILL 0x01
#define CLI_SESS_NOSNOOP 0x04
#define CLI_SESS_THROTTLE 0x08
#define CLI_SESS_NOTHROTTLE 0x10
+#define CLI_SESS_FILTER 0x20
+#define CLI_SESS_NOFILTER 0x40
struct cli_tunnel_actions {
char action;
char level;
sessionidt session;
tunnelidt tunnel;
- ipt address;
char message[MAX_LOG_LENGTH];
} buffer[RINGBUFFER_SIZE];
int head;
#define FILTER_PORT_OP_GT 3
#define FILTER_PORT_OP_LT 4
#define FILTER_PORT_OP_RANGE 5
- portt port;
- portt port2; // for range
+ portt port; // port (host byte order)
+ portt port2; // range
} ip_filter_portt;
typedef struct
int action; // permit/deny
#define FILTER_ACTION_DENY 1
#define FILTER_ACTION_PERMIT 2
- int proto; // protocol: IPPROTO_* (netinet/in.h)
- ipt src_ip; // source ip
+ u8 proto; // protocol: IPPROTO_* (netinet/in.h)
+ ipt src_ip; // source ip (network byte order)
ipt src_wild;
ip_filter_portt src_ports;
ipt dst_ip; // dest ip
ipt dst_wild;
ip_filter_portt dst_ports;
- u8 tcp_flag_op; // match type: any, all
-#define FILTER_FLAG_OP_ANY 0
-#define FILTER_FLAG_OP_ALL 1
+ u8 frag; // apply to non-initial fragments
+ u8 tcp_flag_op; // match type: any, all, established
+#define FILTER_FLAG_OP_ANY 1
+#define FILTER_FLAG_OP_ALL 2
+#define FILTER_FLAG_OP_EST 3
u8 tcp_sflags; // flags set
u8 tcp_cflags; // flags clear
+ u32 counter; // match count
} ip_filter_rulet;
#define TCP_FLAG_FIN 0x01
void sendipcp(tunnelidt t, sessionidt s);
void processudp(u8 * buf, int len, struct sockaddr_in *addr);
void snoop_send_packet(char *packet, u16 size, ipt destination, u16 port);
+int ip_filter(u8 *buf, int len, u8 filter);
int cmd_show_ipcache(struct cli_def *cli, char *command, char **argv, int argc);
int cmd_show_hist_idle(struct cli_def *cli, char *command, char **argv, int argc);
int cmd_show_hist_open(struct cli_def *cli, char *command, char **argv, int argc);
#undef LOG
#undef LOG_HEX
-#define LOG(D, a, s, t, f, ...) ({ if (D <= config->debug) _log(D, a, s, t, f, ## __VA_ARGS__); })
+#define LOG(D, s, t, f, ...) ({ if (D <= config->debug) _log(D, s, t, f, ## __VA_ARGS__); })
#define LOG_HEX(D, t, d, s) ({ if (D <= config->debug) _log_hex(D, t, d, s); })
-void _log(int level, ipt address, sessionidt s, tunnelidt t, const char *format, ...) __attribute__((format (printf, 5, 6)));
+void _log(int level, sessionidt s, tunnelidt t, const char *format, ...) __attribute__((format (printf, 4, 5)));
void _log_hex(int level, const char *title, const char *data, int maxsize);
int sessionsetup(tunnelidt t, sessionidt s);
void *array[20]; \
char **strings; \
int size, i; \
- LOG(0, 0, 0, t, "Backtrace follows"); \
+ LOG(0, 0, t, "Backtrace follows"); \
size = backtrace(array, 10); \
strings = backtrace_symbols(array, size); \
if (strings) for (i = 0; i < size; i++) \
{ \
- LOG(0, 0, 0, t, "%s\n", strings[i]); \
+ LOG(0, 0, t, "%s\n", strings[i]); \
} \
free(strings); \
}
projects / l2tpns.git / blobdiff