167 lines
2.4 KiB
C
167 lines
2.4 KiB
C
#pragma once
|
|
|
|
#include <common/int_types.h>
|
|
|
|
struct filter_ip
|
|
{
|
|
u32 src_ip;
|
|
u8 src_cidr;
|
|
|
|
u32 dst_ip;
|
|
u8 dst_cidr;
|
|
|
|
u32 src_ip6[4];
|
|
u32 dst_ip6[4];
|
|
|
|
unsigned int do_min_ttl : 1;
|
|
u8 min_ttl;
|
|
|
|
unsigned int do_max_ttl : 1;
|
|
u8 max_ttl;
|
|
|
|
unsigned int do_min_len : 1;
|
|
u16 min_len;
|
|
|
|
unsigned int do_max_len : 1;
|
|
u16 max_len;
|
|
|
|
unsigned int do_tos : 1;
|
|
u8 tos;
|
|
} typedef filter_ip_t;
|
|
|
|
struct filter_tcp
|
|
{
|
|
unsigned int enabled : 1;
|
|
|
|
unsigned int do_sport : 1;
|
|
u16 sport;
|
|
|
|
unsigned int do_dport : 1;
|
|
u16 dport;
|
|
|
|
// TCP flags.
|
|
unsigned int do_urg : 1;
|
|
unsigned int urg : 1;
|
|
|
|
unsigned int do_ack : 1;
|
|
unsigned int ack : 1;
|
|
|
|
unsigned int do_rst : 1;
|
|
unsigned int rst : 1;
|
|
|
|
unsigned int do_psh : 1;
|
|
unsigned int psh : 1;
|
|
|
|
unsigned int do_syn : 1;
|
|
unsigned int syn : 1;
|
|
|
|
unsigned int do_fin : 1;
|
|
unsigned int fin : 1;
|
|
|
|
unsigned int do_ece : 1;
|
|
unsigned int ece : 1;
|
|
|
|
unsigned int do_cwr : 1;
|
|
unsigned int cwr : 1;
|
|
} typedef filter_tcp_t;
|
|
|
|
struct filter_udp
|
|
{
|
|
unsigned int enabled : 1;
|
|
|
|
unsigned int do_sport : 1;
|
|
u16 sport;
|
|
|
|
unsigned int do_dport : 1;
|
|
u16 dport;
|
|
} typedef filter_udp_t;
|
|
|
|
struct filter_icmp
|
|
{
|
|
unsigned int enabled : 1;
|
|
|
|
unsigned int do_code : 1;
|
|
u8 code;
|
|
|
|
unsigned int do_type : 1;
|
|
u8 type;
|
|
} typedef filter_icmp_t;
|
|
|
|
struct filter
|
|
{
|
|
unsigned int set : 1;
|
|
unsigned int log : 1;
|
|
unsigned int enabled : 1;
|
|
|
|
u8 action;
|
|
u16 block_time;
|
|
|
|
unsigned int do_pps : 1;
|
|
u64 pps;
|
|
|
|
unsigned int do_bps : 1;
|
|
u64 bps;
|
|
|
|
filter_ip_t ip;
|
|
|
|
filter_tcp_t tcp;
|
|
filter_udp_t udp;
|
|
filter_icmp_t icmp;
|
|
} __attribute__((__aligned__(8))) typedef filter_t;
|
|
|
|
struct stats
|
|
{
|
|
u64 allowed;
|
|
u64 dropped;
|
|
u64 passed;
|
|
} typedef stats_t;
|
|
|
|
struct ip_stats
|
|
{
|
|
u64 pps;
|
|
u64 bps;
|
|
u64 next_update;
|
|
} typedef ip_stats_t ;
|
|
|
|
struct flow
|
|
{
|
|
u32 ip;
|
|
u16 port;
|
|
u8 protocol;
|
|
} typedef flow_t;
|
|
|
|
struct flow6
|
|
{
|
|
u128 ip;
|
|
u16 port;
|
|
u8 protocol;
|
|
} typedef flow6_t;
|
|
|
|
struct filter_log_event
|
|
{
|
|
u64 ts;
|
|
int filter_id;
|
|
|
|
int length;
|
|
|
|
u32 src_ip;
|
|
u32 src_ip6[4];
|
|
|
|
u16 src_port;
|
|
|
|
u32 dst_ip;
|
|
u32 dst_ip6[4];
|
|
|
|
u16 dst_port;
|
|
|
|
u8 protocol;
|
|
|
|
u64 pps;
|
|
u64 bps;
|
|
} typedef filter_log_event_t;
|
|
|
|
struct lpm_trie_key
|
|
{
|
|
u32 prefix_len;
|
|
u32 data;
|
|
} typedef LpmTrieKey; |