1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 /* 22 * Copyright 2006 Sun Microsystems, Inc. All rights reserved. 23 * Use is subject to license terms. 24 */ 25 26 #ifndef _SYS_PFMOD_H 27 #define _SYS_PFMOD_H 28 29 #pragma ident "%Z%%M% %I% %E% SMI" 30 31 #ifdef __cplusplus 32 extern "C" { 33 #endif 34 35 /* 36 * Ioctls. 37 */ 38 #define PFIOC ('P' << 8) 39 #define PFIOCSETF (PFIOC|1) /* replace current packet filter */ 40 41 #define ENMAXFILTERS 255 /* maximum filter short words */ 42 #define PF_MAXFILTERS 2047 /* max short words for newpacketfilt */ 43 44 /* 45 * filter structure for SETF 46 */ 47 struct packetfilt { 48 uchar_t Pf_Priority; /* priority of filter */ 49 uchar_t Pf_FilterLen; /* length of filter cmd list */ 50 ushort_t Pf_Filter[ENMAXFILTERS]; /* filter command list */ 51 }; 52 53 /* 54 * The extended packet filter structure 55 */ 56 struct Pf_ext_packetfilt { 57 uchar_t Pf_Priority; /* priority of filter */ 58 unsigned int Pf_FilterLen; /* length of filter cmd list */ 59 ushort_t Pf_Filter[PF_MAXFILTERS]; /* filter command list */ 60 }; 61 62 /* 63 * We now allow specification of up to MAXFILTERS (short) words of a filter 64 * command list to be applied to incoming packets to determine if 65 * those packets should be given to a particular open ethernet file. 66 * Alternatively, PF_MAXFILTERS and Pf_ext_packetfilt structure can be 67 * used in case even bigger filter command list is needed. 68 * 69 * In this context, "word" means a short (16-bit) integer. 70 * 71 * The filter command list is specified using ioctl(). Each filter command 72 * list specifies a sequence of actions that leaves a boolean value on the 73 * top of an internal stack. There is also an offset register which is 74 * initialized to zero. Each word of the command list specifies an action 75 * from the set {PUSHLIT, PUSHZERO, PUSHWORD+N, LOAD_OFFSET, BRTR, BRFL, POP} 76 * (see #defines below for definitions), and a binary operator from the set 77 * {EQ, LT, LE, GT, GE, AND, OR, XOR} which operates on the top two elements 78 * of the stack and replaces them with its result. The special action NOPUSH 79 * and the special operator NOP can be used to only perform the binary 80 * operation or to only push a value on the stack. 81 * 82 * If the final value of the filter operation is true, then the packet is 83 * accepted for the open file which specified the filter. 84 */ 85 86 /* these must sum to sizeof (ushort_t)! */ 87 #define ENF_NBPA 10 /* # bits / action */ 88 #define ENF_NBPO 6 /* # bits / operator */ 89 90 /* binary operators */ 91 #define ENF_NOP (0 << ENF_NBPA) 92 #define ENF_EQ (1 << ENF_NBPA) 93 #define ENF_LT (2 << ENF_NBPA) 94 #define ENF_LE (3 << ENF_NBPA) 95 #define ENF_GT (4 << ENF_NBPA) 96 #define ENF_GE (5 << ENF_NBPA) 97 #define ENF_AND (6 << ENF_NBPA) 98 #define ENF_OR (7 << ENF_NBPA) 99 #define ENF_XOR (8 << ENF_NBPA) 100 #define ENF_COR (9 << ENF_NBPA) 101 #define ENF_CAND (10 << ENF_NBPA) 102 #define ENF_CNOR (11 << ENF_NBPA) 103 #define ENF_CNAND (12 << ENF_NBPA) 104 #define ENF_NEQ (13 << ENF_NBPA) 105 106 /* stack actions */ 107 #define ENF_NOPUSH 0 108 #define ENF_PUSHLIT 1 /* Push the next word on the stack */ 109 #define ENF_PUSHZERO 2 /* Push 0 on the stack */ 110 #define ENF_PUSHONE 3 /* Push 1 on the stack */ 111 #define ENF_PUSHFFFF 4 /* Push 0xffff on the stack */ 112 #define ENF_PUSHFF00 5 /* Push 0xff00 on the stack */ 113 #define ENF_PUSH00FF 6 /* Push 0x00ff on the stack */ 114 #define ENF_LOAD_OFFSET 7 /* Load the next word into the offset register */ 115 #define ENF_BRTR 8 /* Branch if the stack's top element is true */ 116 #define ENF_BRFL 9 /* Branch if the stack's top element is false */ 117 #define ENF_POP 10 /* Pop the top element from the stack */ 118 #define ENF_PUSHWORD 16 119 120 #ifdef __cplusplus 121 } 122 #endif 123 124 #endif /* _SYS_PFMOD_H */