884907da51b22c35a8bb4c7ed893cff2d5801342
2 * firewall3 - 3rd OpenWrt UCI firewall implementation
4 * Copyright (C) 2013 Jo-Philipp Wich <jo@mein.io>
6 * Permission to use, copy, modify, and/or distribute this software for any
7 * purpose with or without fee is hereby granted, provided that the above
8 * copyright notice and this permission notice appear in all copies.
10 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
11 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
12 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
13 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
14 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
31 #include <sys/types.h>
35 #include <libubox/list.h>
36 #include <libubox/blob.h>
/*
 * Fixed filesystem locations used by fw3. All four are absolute paths, so
 * none of them is looked up through $PATH or the working directory.
 * NOTE(review): the state and lock files live under /var/run; how they are
 * opened (creation mode, symlink handling) is decided in the implementation,
 * which is not visible in this header - confirm there.
 */
#define FW3_STATEFILE "/var/run/fw3.state"
#define FW3_LOCKFILE "/var/run/fw3.lock"
#define FW3_HELPERCONF "/usr/share/fw3/helpers.conf"
#define FW3_HOTPLUG "/sbin/hotplug-call"

/*
 * Flag defined in another translation unit.
 * NOTE(review): presumably switches fw3_pr() output to a debug mode - confirm.
 */
extern bool fw3_pr_debug;
/*
 * Diagnostic output helpers. Each takes a printf-style format string; the
 * format attribute makes the compiler check the variadic arguments against
 * that format (the format is argument 2 for warn_elem, argument 1 for the
 * others).
 * Text that originates outside the program (configuration values, names
 * received over ubus) belongs in an argument to a "%s" conversion, never in
 * the format parameter itself.
 */

/* Like warn(), but additionally receives the UCI element the message is about. */
void warn_elem(struct uci_element *e, const char *format, ...)
	__attribute__ ((format (printf, 2, 3)));
void warn(const char *format, ...)
	__attribute__ ((format (printf, 1, 2)));
/*
 * NOTE(review): whether error() returns to its caller or ends the process is
 * not visible from this declaration - confirm before writing code after it.
 */
void error(const char *format, ...)
	__attribute__ ((format (printf, 1, 2)));
void info(const char *format, ...)
	__attribute__ ((format (printf, 1, 2)));
58 #define warn_section(t, r, e, fmt, ...) \
61 warn_elem(e, fmt, ##__VA_ARGS__); \
63 warn("Warning: ubus " t " (%s) " fmt, \
64 (r && r->name) ? r->name : "?", ##__VA_ARGS__); \
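/*
 * Single-bit helpers for flag words.
 *
 * fw3_setbit / fw3_delbit modify `field` in place, fw3_hasbit yields a
 * non-zero value when the bit is set. Every macro argument is parenthesised
 * so that an expression argument (e.g. `a | b`, `*ptr`) is evaluated as one
 * operand instead of being re-associated by operator precedence.
 *
 * The mask is built as `1 << flag` with an int constant, so `flag` has to stay
 * in the range 0..30; larger values are undefined behaviour in C.
 * `field` is expanded once per macro, `flag` once.
 */
#define fw3_setbit(field, flag) ((field) |= (1 << (flag)))
#define fw3_delbit(field, flag) ((field) &= ~(1 << (flag)))
#define fw3_hasbit(field, flag) ((field) & (1 << (flag)))

/*
 * Per-family variants: `field` is a two-element array, index 1 holds the
 * FW3_FAMILY_V6 word and index 0 the word for every other family value.
 */
#define set(field, family, flag) fw3_setbit((field)[(family) == FW3_FAMILY_V6], flag)
#define del(field, family, flag) fw3_delbit((field)[(family) == FW3_FAMILY_V6], flag)
#define has(field, family, flag) fw3_hasbit((field)[(family) == FW3_FAMILY_V6], flag)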
/*
 * Iterate p over the entries of list head h; entries are linked through a
 * member named `list`.
 *
 * An empty list is NOT skipped: the initialiser sets p to NULL and the
 * condition `p == NULL` then holds, so the body runs once with p == NULL.
 * The step expression afterwards assigns list_first_entry() of the empty
 * head, which ends the loop as long as that value is not NULL (presumably
 * the usual container_of arithmetic - confirm against libubox/list.h).
 * Loop bodies therefore have to check p before dereferencing it.
 *
 * h is expanded several times per iteration and must be free of side effects.
 */
#define fw3_foreach(p, h)                                                  \
	for (p = list_empty(h) ? NULL : list_first_entry(h, typeof(*p), list); \
	     list_empty(h) ? (p == NULL) : (&p->list != (h));                  \
	     p = list_empty(h) ? list_first_entry(h, typeof(*p), list)         \
	                       : list_entry(p->list.next, typeof(*p), list))
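/*
 * True when object pointer p is NULL, when its family is FW3_FAMILY_ANY, or
 * when its family equals f. A NULL p counts as "matches every family".
 * p is expanded up to three times and must be free of side effects.
 * Both arguments are parenthesised so that expression arguments (a
 * conditional for f, a dereference for p) keep their meaning.
 */
#define fw3_is_family(p, f) \
	(!(p) || (p)->family == FW3_FAMILY_ANY || (p)->family == (f))

/* True when neither the FW3_FAMILY_V4 nor the FW3_FAMILY_V6 bit is set in flags. */
#define fw3_no_family(flags) \
	(!((flags) & ((1 << FW3_FAMILY_V4) | (1 << FW3_FAMILY_V6))))

/* True when none of the filter, nat, mangle and raw table bits is set in flags. */
#define fw3_no_table(flags) \
	(!((flags) & ((1<<FW3_TABLE_FILTER)|(1<<FW3_TABLE_NAT)| \
	              (1<<FW3_TABLE_MANGLE)|(1<<FW3_TABLE_RAW))))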
/*
 * Allocation helpers.
 * NOTE(review): what these do on allocation failure (return NULL or end the
 * process) is not visible in this header - confirm before relying on a
 * non-NULL result. Ownership of the returned memory presumably passes to the
 * caller - confirm.
 */
void * fw3_alloc(size_t size);
char * fw3_strdup(const char *s);

/*
 * NOTE(review): presumably resolves a command name to the path of an
 * executable; the search locations and the lifetime of the returned string
 * are not visible here - confirm in the implementation.
 */
const char * fw3_find_command(const char *cmd);
/*
 * Output pipe handling.
 * NOTE(review): presumably fw3_stdout_pipe() directs fw3_pr() output to
 * stdout and the command variant to a spawned program - confirm.
 */
bool fw3_stdout_pipe(void);

/*
 * Variadic worker behind fw3_command_pipe(). Call the macro, not this
 * function: the macro appends the terminating NULL to the argument list, so
 * a caller cannot forget it.
 * NOTE(review): the variadic arguments are presumably `const char *` strings
 * handed to the command as separate arguments rather than through a shell -
 * confirm in the implementation before passing configuration-derived text.
 * The leading double underscore puts this name in the namespace C reserves
 * for the implementation.
 */
bool __fw3_command_pipe(bool silent, const char *command, ...);
#define fw3_command_pipe(...) __fw3_command_pipe(__VA_ARGS__, NULL)

void fw3_command_close(void);

/*
 * printf-style writer; the format attribute makes the compiler check the
 * arguments against fmt. Externally supplied text goes into a "%s" argument,
 * not into fmt.
 */
void fw3_pr(const char *fmt, ...)
	__attribute__ ((format (printf, 1, 2)));
/*
 * Capability queries, each selected by address family (ipv6 true/false) and a
 * table or target name.
 * NOTE(review): presumably report whether the running system supports the
 * named netfilter table / target; where that information is read from is not
 * visible here - confirm.
 */
bool fw3_has_table(const bool ipv6, const char *table);

bool fw3_has_target(const bool ipv6, const char *target);
/*
 * Locking. fw3_unlock() takes no arguments; the *_path variants work on a
 * caller-supplied descriptor slot and lock-file path.
 * NOTE(review): presumably fw3_unlock() releases the lock kept on
 * FW3_LOCKFILE, and fw3_lock_path() stores the opened descriptor in
 * *fw3_lock_fd for the matching fw3_unlock_path() call - confirm. Callers
 * should check the bool result of fw3_lock_path() before touching shared
 * state.
 */
void fw3_unlock(void);
bool fw3_lock_path(int *fw3_lock_fd, const char *path);
void fw3_unlock_path(int *fw3_lock_fd, const char *path);

/*
 * state is an untyped pointer, so the compiler cannot check what is passed.
 * NOTE(review): presumably expects the firewall state object and writes it to
 * FW3_STATEFILE - confirm.
 */
void fw3_write_statefile(void *state);
/*
 * Several functions below take `void *` for their object parameters; the
 * compiler cannot verify the pointed-to type, so passing the wrong object is
 * not diagnosed at build time.
 */

/*
 * NOTE(review): presumably frees obj, using opts to find the members that own
 * memory - confirm; obj must not be used afterwards if so.
 */
void fw3_free_object(void *obj, const void *opts);

void fw3_free_list(struct list_head *head);

/*
 * NOTE(review): presumably runs FW3_HOTPLUG for a zone/device being added
 * (add == true) or removed - confirm how zone and device names reach the
 * hotplug program.
 */
bool fw3_hotplug(bool add, void *zone, void *device);

/*
 * Netmask <-> prefix length conversion. mask is untyped.
 * NOTE(review): the buffer size read or written through mask presumably
 * depends on family (IPv4 vs. IPv6 address size) - confirm that every caller
 * passes a buffer large enough for the family it names, and that bits is
 * range-checked for that family.
 */
int fw3_netmask2bitlen(int family, void *mask);

bool fw3_bitlen2netmask(int family, int bits, void *mask);

void fw3_flush_conntrack(void *zone);

/*
 * Takes a blob attribute and two output pointers.
 * NOTE(review): presumably stores name and type strings found in entry; they
 * would then point into the blob rather than being copies, and stay valid
 * only as long as the blob does - confirm.
 */
bool fw3_attr_parse_name_type(struct blob_attr *entry, const char **name, const char **type);

/* NOTE(review): lifetime of the returned string is not visible here - confirm. */
const char * fw3_protoname(void *proto);

/* Loopback checks, one by device name and one by address. */
bool fw3_check_loopback_dev(const char *name);

bool fw3_check_loopback_addr(struct fw3_address *addr);