1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
|
/* eurephiafw.h -- Firewall interface struct typedef
*
* GPLv2 only - Copyright (C) 2008 - 2012
* David Sommerseth <dazo@users.sourceforge.net>
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; version 2
* of the License.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*
*/
/**
* @file eurephiafw_struct.h
* @author David Sommerseth <dazo@users.sourceforge.net>
* @date 2008-11-05
*
* @brief Declaraion of the constants and structs the firewall interface uses
*
*/
#ifndef EUREPHIAFW_STRUCT_H_
#define EUREPHIAFW_STRUCT_H_
#include <mqueue.h>
#include <semaphore.h>
#include <eurephia_values_struct.h>
/**
* Important variables for the firewall updater process. They are sent to the
* firewall process during the process forking.
*/
typedef struct {
mqd_t msgq; /**< MQ descriptor */
sem_t *semp_worker; /**< semaphore descriptor for the firewall process */
sem_t *semp_master; /**< semaphore descriptor for the main openvpn process */
char *fw_command; /**< string (char *) with full path to the firewall update command */
void *ctx; /**< A "shadow" eurephiaCTX used for allowing shared logging */
} efw_threaddata;
/**
* Definition of the eurephiaFWINTF struct
*/
typedef struct {
efw_threaddata thrdata; /**< Process related information */
pid_t fwproc_pid; /**< Contains the PID of the firewall process */
char *fwblacklist; /**< Which fw dest. blacklisted IP addr should be registered into */
char *fwblacklist_sendto; /**< Which fw dest. blacklisted IP addr should forward their hits to */
eurephiaVALUES *blacklisted; /**< Contains all IP addresses we have blacklisted */
} eurephiaFWINTF;
/**
* Valid firewall modes to be passed over the POSIX MQ queue
*/
typedef enum {fwADD, /**< Add a new VPN client to the firewall VPN chain */
fwDELETE, /**< Delete an existing VPN client from the firewall VPN chain */
fwBLACKLIST, /**< Blacklist an IP address */
fwFLUSH, /**< Flush the firewall VPN chain */
fwINITIALISE, /**< Initialiase the firewall VPN chain */
fwSHUTDOWN, /**< Initialiase the firewall VPN chain */
} eFWmode;
/**
* Update request for the firewall plug-in
*/
typedef struct {
eFWmode mode; /**< Defines what the update will do with the firewall (mandatory) */
char ipaddress[36]; /**< IP address to include (used by fwADD,fwDELETE and fwBLACKLIST) */
char macaddress[19]; /**< VPN MAC address (used by fwADD and fwDELETE) */
char rule_destination[66]; /**< Where this new rule will be inserted (mandatory) */
char goto_destination[66]; /**< Where matching rules should go next (used by fwBLACKLIST) */
} eFWupdateRequest;
#endif /* !EUREPHIAFW_STRUCT_H_ */
|
