|
| 1 | +/* |
| 2 | + * Copyright (c) 1982, 1986, 1993 |
| 3 | + * The Regents of the University of California. All rights reserved. |
| 4 | + * |
| 5 | + * Redistribution and use in source and binary forms, with or without |
| 6 | + * modification, are permitted provided that the following conditions |
| 7 | + * are met: |
| 8 | + * 1. Redistributions of source code must retain the above copyright |
| 9 | + * notice, this list of conditions and the following disclaimer. |
| 10 | + * 2. Redistributions in binary form must reproduce the above copyright |
| 11 | + * notice, this list of conditions and the following disclaimer in the |
| 12 | + * documentation and/or other materials provided with the distribution. |
| 13 | + * 3. All advertising materials mentioning features or use of this software |
| 14 | + * must display the following acknowledgement: |
| 15 | + * This product includes software developed by the University of |
| 16 | + * California, Berkeley and its contributors. |
| 17 | + * 4. Neither the name of the University nor the names of its contributors |
| 18 | + * may be used to endorse or promote products derived from this software |
| 19 | + * without specific prior written permission. |
| 20 | + * |
| 21 | + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND |
| 22 | + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
| 23 | + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
| 24 | + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE |
| 25 | + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL |
| 26 | + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS |
| 27 | + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
| 28 | + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
| 29 | + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY |
| 30 | + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF |
| 31 | + * SUCH DAMAGE. |
| 32 | + */ |
| 33 | + |
| 34 | +/* |
| 35 | + * pflog headers, at least as they exist now. |
| 36 | + */ |
| 37 | +#define PFLOG_IFNAMSIZ 16 |
| 38 | +#define PFLOG_RULESET_NAME_SIZE 16 |
| 39 | + |
| 40 | +/* |
| 41 | + * Direction values. |
| 42 | + */ |
| 43 | +#define PF_INOUT 0 |
| 44 | +#define PF_IN 1 |
| 45 | +#define PF_OUT 2 |
| 46 | +#if defined(__OpenBSD__) |
| 47 | +#define PF_FWD 3 |
| 48 | +#endif |
| 49 | + |
| 50 | +/* |
| 51 | + * Reason values. |
| 52 | + */ |
| 53 | +#define PFRES_MATCH 0 |
| 54 | +#define PFRES_BADOFF 1 |
| 55 | +#define PFRES_FRAG 2 |
| 56 | +#define PFRES_SHORT 3 |
| 57 | +#define PFRES_NORM 4 |
| 58 | +#define PFRES_MEMORY 5 |
| 59 | +#define PFRES_TS 6 |
| 60 | +#define PFRES_CONGEST 7 |
| 61 | +#define PFRES_IPOPTIONS 8 |
| 62 | +#define PFRES_PROTCKSUM 9 |
| 63 | +#define PFRES_BADSTATE 10 |
| 64 | +#define PFRES_STATEINS 11 |
| 65 | +#define PFRES_MAXSTATES 12 |
| 66 | +#define PFRES_SRCLIMIT 13 |
| 67 | +#define PFRES_SYNPROXY 14 |
| 68 | +#if defined(__FreeBSD__) |
| 69 | +#define PFRES_MAPFAILED 15 |
| 70 | +#elif defined(__NetBSD__) |
| 71 | +#define PFRES_STATELOCKED 15 |
| 72 | +#elif defined(__OpenBSD__) |
| 73 | +#define PFRES_TRANSLATE 15 |
| 74 | +#define PFRES_NOROUTE 16 |
| 75 | +#elif defined(__APPLE__) |
| 76 | +#define PFRES_DUMMYNET 15 |
| 77 | +#endif |
| 78 | + |
| 79 | +/* |
| 80 | + * Action vaues. |
| 81 | + */ |
| 82 | +#define PF_PASS 0 |
| 83 | +#define PF_DROP 1 |
| 84 | +#define PF_SCRUB 2 |
| 85 | +#define PF_NOSCRUB 3 |
| 86 | +#define PF_NAT 4 |
| 87 | +#define PF_NONAT 5 |
| 88 | +#define PF_BINAT 6 |
| 89 | +#define PF_NOBINAT 7 |
| 90 | +#define PF_RDR 8 |
| 91 | +#define PF_NORDR 9 |
| 92 | +#define PF_SYNPROXY_DROP 10 |
| 93 | +#if defined(__FreeBSD__) |
| 94 | +#define PF_DEFER 11 |
| 95 | +#elif defined(__OpenBSD__) |
| 96 | +#define PF_DEFER 11 |
| 97 | +#define PF_MATCH 12 |
| 98 | +#define PF_DIVERT 13 |
| 99 | +#define PF_RT 14 |
| 100 | +#define PF_AFRT 15 |
| 101 | +#elif defined(__APPLE__) |
| 102 | +#define PF_DUMMYNET 11 |
| 103 | +#define PF_NODUMMYNET 12 |
| 104 | +#define PF_NAT64 13 |
| 105 | +#define PF_NONAT64 14 |
| 106 | +#endif |
| 107 | + |
| 108 | +struct pf_addr { |
| 109 | + union { |
| 110 | + struct in_addr v4; |
| 111 | + struct in6_addr v6; |
| 112 | + uint8_t addr8[16]; |
| 113 | + uint16_t addr16[8]; |
| 114 | + uint32_t addr32[4]; |
| 115 | + } pfa; /* 128-bit address */ |
| 116 | +#define v4 pfa.v4 |
| 117 | +#define v6 pfa.v6 |
| 118 | +#define addr8 pfa.addr8 |
| 119 | +#define addr16 pfa.addr16 |
| 120 | +#define addr32 pfa.addr32 |
| 121 | +}; |
| 122 | + |
| 123 | +struct pfloghdr { |
| 124 | + uint8_t length; |
| 125 | + uint8_t af; |
| 126 | + uint8_t action; |
| 127 | + uint8_t reason; |
| 128 | + char ifname[PFLOG_IFNAMSIZ]; |
| 129 | + char ruleset[PFLOG_RULESET_NAME_SIZE]; |
| 130 | + uint32_t rulenr; |
| 131 | + uint32_t subrulenr; |
| 132 | + uint32_t uid; |
| 133 | + int32_t pid; |
| 134 | + uint32_t rule_uid; |
| 135 | + int32_t rule_pid; |
| 136 | + uint8_t dir; |
| 137 | +#if defined(__OpenBSD__) |
| 138 | + uint8_t rewritten; |
| 139 | + uint8_t naf; |
| 140 | + uint8_t pad[1]; |
| 141 | +#else |
| 142 | + uint8_t pad[3]; |
| 143 | +#endif |
| 144 | +#if defined(__FreeBSD__) |
| 145 | + uint32_t ridentifier; |
| 146 | + uint8_t reserve; |
| 147 | + uint8_t pad2[3]; |
| 148 | +#elif defined(__OpenBSD__) |
| 149 | + struct pf_addr saddr; |
| 150 | + struct pf_addr daddr; |
| 151 | + uint16_t sport; |
| 152 | + uint16_t dport; |
| 153 | +#endif |
| 154 | +}; |
| 155 | + |
| 156 | + |
| 157 | + |
0 commit comments