summaryrefslogtreecommitdiff
path: root/pfinet/linux-src/include/linux/firewall.h
blob: 1747f38116440cf8bd830052a3f5492ec614bc5e (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
#ifndef __LINUX_FIREWALL_H
#define __LINUX_FIREWALL_H

#include <linux/config.h>

/*
 *	Definitions for loadable firewall modules
 */

#define FW_QUEUE	0
#define FW_BLOCK	1
#define FW_ACCEPT	2
#define FW_REJECT	(-1)
#define FW_REDIRECT	3
#define FW_MASQUERADE	4
#define FW_SKIP		5

struct firewall_ops
{
	struct firewall_ops *next;
	int (*fw_forward)(struct firewall_ops *this, int pf, 
			struct device *dev, void *phdr, void *arg, struct sk_buff **pskb);
	int (*fw_input)(struct firewall_ops *this, int pf, 
			struct device *dev, void *phdr, void *arg, struct sk_buff **pskb);
	int (*fw_output)(struct firewall_ops *this, int pf, 
			struct device *dev, void *phdr, void *arg, struct sk_buff **pskb);
	/* Data falling in the second 486 cache line isn't used directly
	   during a firewall call and scan, only by insert/delete and other
	   unusual cases
	 */
	int fw_pf;		/* Protocol family 			*/	
	int fw_priority;	/* Priority of chosen firewalls 	*/
};

#ifdef __KERNEL__
extern int register_firewall(int pf, struct firewall_ops *fw);
extern int unregister_firewall(int pf, struct firewall_ops *fw);
extern void fwchain_init(void);
#ifdef CONFIG_FIREWALL
extern int call_fw_firewall(int pf, struct device *dev, void *phdr, void *arg, struct sk_buff **pskb);
extern int call_in_firewall(int pf, struct device *dev, void *phdr, void *arg, struct sk_buff **pskb);
extern int call_out_firewall(int pf, struct device *dev, void *phdr, void *arg, struct sk_buff **pskb);
#else
extern __inline__ int call_fw_firewall(int pf, struct device *dev, void *phdr, void *arg, struct sk_buff **skb)
{
	return FW_ACCEPT;
}

extern __inline__ int call_in_firewall(int pf, struct device *dev, void *phdr, void *arg, struct sk_buff **skb)
{
	return FW_ACCEPT;
}

extern __inline__ int call_out_firewall(int pf, struct device *dev, void *phdr, void *arg, struct sk_buff **skb)
{
	return FW_ACCEPT;
}

#endif
#endif
#endif