Print this page
3168 pfmod commands could be more useful
| Split |
Close |
| Expand all |
| Collapse all |
--- old/usr/src/uts/common/sys/pfmod.h
+++ new/usr/src/uts/common/sys/pfmod.h
1 1 /*
2 2 * CDDL HEADER START
3 3 *
4 4 * The contents of this file are subject to the terms of the
5 5 * Common Development and Distribution License (the "License").
6 6 * You may not use this file except in compliance with the License.
7 7 *
8 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 9 * or http://www.opensolaris.org/os/licensing.
10 10 * See the License for the specific language governing permissions
11 11 * and limitations under the License.
12 12 *
13 13 * When distributing Covered Code, include this CDDL HEADER in each
14 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 15 * If applicable, add the following below this CDDL HEADER, with the
16 16 * fields enclosed by brackets "[]" replaced with your own identifying
17 17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 18 *
|
↓ open down ↓ |
18 lines elided |
↑ open up ↑ |
19 19 * CDDL HEADER END
20 20 */
21 21 /*
22 22 * Copyright 2006 Sun Microsystems, Inc. All rights reserved.
23 23 * Use is subject to license terms.
24 24 */
25 25
26 26 #ifndef _SYS_PFMOD_H
27 27 #define _SYS_PFMOD_H
28 28
29 -#pragma ident "%Z%%M% %I% %E% SMI"
30 -
31 29 #ifdef __cplusplus
32 30 extern "C" {
33 31 #endif
34 32
35 33 /*
36 34 * Ioctls.
37 35 */
38 36 #define PFIOC ('P' << 8)
39 37 #define PFIOCSETF (PFIOC|1) /* replace current packet filter */
40 38
41 39 #define ENMAXFILTERS 255 /* maximum filter short words */
42 40 #define PF_MAXFILTERS 2047 /* max short words for newpacketfilt */
43 41
44 42 /*
45 43 * filter structure for SETF
46 44 */
47 45 struct packetfilt {
48 46 uchar_t Pf_Priority; /* priority of filter */
49 47 uchar_t Pf_FilterLen; /* length of filter cmd list */
50 48 ushort_t Pf_Filter[ENMAXFILTERS]; /* filter command list */
51 49 };
52 50
53 51 /*
54 52 * The extended packet filter structure
55 53 */
56 54 struct Pf_ext_packetfilt {
57 55 uchar_t Pf_Priority; /* priority of filter */
58 56 unsigned int Pf_FilterLen; /* length of filter cmd list */
59 57 ushort_t Pf_Filter[PF_MAXFILTERS]; /* filter command list */
60 58 };
61 59
62 60 /*
63 61 * We now allow specification of up to MAXFILTERS (short) words of a filter
64 62 * command list to be applied to incoming packets to determine if
65 63 * those packets should be given to a particular open ethernet file.
66 64 * Alternatively, PF_MAXFILTERS and Pf_ext_packetfilt structure can be
67 65 * used in case even bigger filter command list is needed.
68 66 *
69 67 * In this context, "word" means a short (16-bit) integer.
70 68 *
71 69 * The filter command list is specified using ioctl(). Each filter command
72 70 * list specifies a sequence of actions that leaves a boolean value on the
73 71 * top of an internal stack. There is also an offset register which is
74 72 * initialized to zero. Each word of the command list specifies an action
75 73 * from the set {PUSHLIT, PUSHZERO, PUSHWORD+N, LOAD_OFFSET, BRTR, BRFL, POP}
76 74 * (see #defines below for definitions), and a binary operator from the set
77 75 * {EQ, LT, LE, GT, GE, AND, OR, XOR} which operates on the top two elements
78 76 * of the stack and replaces them with its result. The special action NOPUSH
79 77 * and the special operator NOP can be used to only perform the binary
80 78 * operation or to only push a value on the stack.
81 79 *
82 80 * If the final value of the filter operation is true, then the packet is
83 81 * accepted for the open file which specified the filter.
84 82 */
85 83
86 84 /* these must sum to sizeof (ushort_t)! */
87 85 #define ENF_NBPA 10 /* # bits / action */
88 86 #define ENF_NBPO 6 /* # bits / operator */
89 87
90 88 /* binary operators */
91 89 #define ENF_NOP (0 << ENF_NBPA)
92 90 #define ENF_EQ (1 << ENF_NBPA)
93 91 #define ENF_LT (2 << ENF_NBPA)
94 92 #define ENF_LE (3 << ENF_NBPA)
95 93 #define ENF_GT (4 << ENF_NBPA)
96 94 #define ENF_GE (5 << ENF_NBPA)
97 95 #define ENF_AND (6 << ENF_NBPA)
98 96 #define ENF_OR (7 << ENF_NBPA)
99 97 #define ENF_XOR (8 << ENF_NBPA)
100 98 #define ENF_COR (9 << ENF_NBPA)
101 99 #define ENF_CAND (10 << ENF_NBPA)
102 100 #define ENF_CNOR (11 << ENF_NBPA)
103 101 #define ENF_CNAND (12 << ENF_NBPA)
104 102 #define ENF_NEQ (13 << ENF_NBPA)
105 103
106 104 /* stack actions */
107 105 #define ENF_NOPUSH 0
|
↓ open down ↓ |
67 lines elided |
↑ open up ↑ |
108 106 #define ENF_PUSHLIT 1 /* Push the next word on the stack */
109 107 #define ENF_PUSHZERO 2 /* Push 0 on the stack */
110 108 #define ENF_PUSHONE 3 /* Push 1 on the stack */
111 109 #define ENF_PUSHFFFF 4 /* Push 0xffff on the stack */
112 110 #define ENF_PUSHFF00 5 /* Push 0xff00 on the stack */
113 111 #define ENF_PUSH00FF 6 /* Push 0x00ff on the stack */
114 112 #define ENF_LOAD_OFFSET 7 /* Load the next word into the offset register */
115 113 #define ENF_BRTR 8 /* Branch if the stack's top element is true */
116 114 #define ENF_BRFL 9 /* Branch if the stack's top element is false */
117 115 #define ENF_POP 10 /* Pop the top element from the stack */
116 +#define ENF_PUSHFF00_N 11 /* Push 0xff00 in network byte order on the stack */
117 +#define ENF_PUSH00FF_N 12 /* Push 0x00ff in network byte order on the stack */
118 118 #define ENF_PUSHWORD 16
119 119
120 120 #ifdef __cplusplus
121 121 }
122 122 #endif
123 123
124 124 #endif /* _SYS_PFMOD_H */
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX