![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to ip_state.h CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [Apple XNU] / XNU / bsd / netinet|
Return to ip_state.h CVS log | Up to [Apple XNU] / XNU / bsd / netinet |
1.1 root 1: /*
2: * Copyright (c) 2000 Apple Computer, Inc. All rights reserved.
3: *
4: * @APPLE_LICENSE_HEADER_START@
5: *
6: * The contents of this file constitute Original Code as defined in and
7: * are subject to the Apple Public Source License Version 1.1 (the
8: * "License"). You may not use this file except in compliance with the
9: * License. Please obtain a copy of the License at
10: * http://www.apple.com/publicsource and read it before using this file.
11: *
12: * This Original Code and all software distributed under the License are
13: * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER
14: * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
15: * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
16: * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
17: * License for the specific language governing rights and limitations
18: * under the License.
19: *
20: * @APPLE_LICENSE_HEADER_END@
21: */
22: /*
23: * Copyright (C) 1995-1997 by Darren Reed.
24: *
25: * Redistribution and use in source and binary forms are permitted
26: * provided that this notice is preserved and due credit is given
27: * to the original author and the contributors.
28: *
29: * @(#)ip_state.h 1.3 1/12/96 (C) 1995 Darren Reed
30: */
31: #ifndef __IP_STATE_H__
32: #define __IP_STATE_H__
33:
34: #define IPSTATE_SIZE 257
35: #define IPSTATE_MAX 2048 /* Maximum number of states held */
36:
37: #define PAIRS(s1,d1,s2,d2) ((((s1) == (s2)) && ((d1) == (d2))) ||\
38: (((s1) == (d2)) && ((d1) == (s2))))
39: #define IPPAIR(s1,d1,s2,d2) PAIRS((s1).s_addr, (d1).s_addr, \
40: (s2).s_addr, (d2).s_addr)
41:
42:
43: typedef struct udpstate {
44: u_short us_sport;
45: u_short us_dport;
46: } udpstate_t;
47:
48: typedef struct icmpstate {
49: u_short ics_id;
50: u_short ics_seq;
51: u_char ics_type;
52: } icmpstate_t;
53:
54: typedef struct tcpstate {
55: u_short ts_sport;
56: u_short ts_dport;
57: u_long ts_seq;
58: u_long ts_ack;
59: u_short ts_swin;
60: u_short ts_dwin;
61: u_char ts_state[2];
62: } tcpstate_t;
63:
64: typedef struct ipstate {
65: struct ipstate *is_next;
66: u_long is_age;
67: u_int is_pass;
68: U_QUAD_T is_pkts;
69: U_QUAD_T is_bytes;
70: void *is_ifpin;
71: void *is_ifpout;
72: struct in_addr is_src;
73: struct in_addr is_dst;
74: u_char is_p;
75: u_char is_flags;
76: u_32_t is_opt;
77: u_32_t is_optmsk;
78: u_short is_sec;
79: u_short is_secmsk;
80: u_short is_auth;
81: u_short is_authmsk;
82: union {
83: icmpstate_t is_ics;
84: tcpstate_t is_ts;
85: udpstate_t is_us;
86: } is_ps;
87: } ipstate_t;
88:
89: #define is_icmp is_ps.is_ics
90: #define is_tcp is_ps.is_ts
91: #define is_udp is_ps.is_us
92: #define is_seq is_tcp.ts_seq
93: #define is_ack is_tcp.ts_ack
94: #define is_dwin is_tcp.ts_dwin
95: #define is_swin is_tcp.ts_swin
96: #define is_sport is_tcp.ts_sport
97: #define is_dport is_tcp.ts_dport
98: #define is_state is_tcp.ts_state
99:
100: #define TH_OPENING (TH_SYN|TH_ACK)
101:
102:
103: typedef struct ipslog {
104: U_QUAD_T isl_pkts;
105: U_QUAD_T isl_bytes;
106: struct in_addr isl_src;
107: struct in_addr isl_dst;
108: u_char isl_p;
109: u_char isl_flags;
110: u_short isl_type;
111: union {
112: u_short isl_filler[2];
113: u_short isl_ports[2];
114: u_short isl_icmp;
115: } isl_ps;
116: } ipslog_t;
117:
118: #define isl_sport isl_ps.isl_ports[0]
119: #define isl_dport isl_ps.isl_ports[1]
120: #define isl_itype isl_ps.isl_icmp
121:
122: #define ISL_NEW 0
123: #define ISL_EXPIRE 0xffff
124: #define ISL_FLUSH 0xfffe
125:
126:
127: typedef struct ips_stat {
128: u_long iss_hits;
129: u_long iss_miss;
130: u_long iss_max;
131: u_long iss_tcp;
132: u_long iss_udp;
133: u_long iss_icmp;
134: u_long iss_nomem;
135: u_long iss_expire;
136: u_long iss_fin;
137: u_long iss_active;
138: u_long iss_logged;
139: u_long iss_logfail;
140: ipstate_t **iss_table;
141: } ips_stat_t;
142:
143:
144: extern u_long fr_tcpidletimeout;
145: extern u_long fr_tcpclosewait;
146: extern u_long fr_tcplastack;
147: extern u_long fr_tcptimeout;
148: extern u_long fr_tcpclosed;
149: extern u_long fr_udptimeout;
150: extern u_long fr_icmptimeout;
151: extern int fr_tcpstate __P((ipstate_t *, fr_info_t *, ip_t *, tcphdr_t *));
152: extern int fr_addstate __P((ip_t *, fr_info_t *, u_int));
153: extern int fr_checkstate __P((ip_t *, fr_info_t *));
154: extern void fr_timeoutstate __P((void));
155: extern void fr_tcp_age __P((u_long *, u_char *, ip_t *, fr_info_t *, int));
156: extern void fr_stateunload __P((void));
157: extern void ipstate_log __P((struct ipstate *, u_short));
158: #if defined(__NetBSD__) || defined(__OpenBSD__)
159: extern int fr_state_ioctl __P((caddr_t, u_long, int));
160: #else
161: extern int fr_state_ioctl __P((caddr_t, int, int));
162: #endif
163:
164: #endif /* __IP_STATE_H__ */
This archive runs on limited infrastructure. Preserving old code on modern bandwidth. Automated agents are requested to crawl responsibly.