Diffstat (limited to 'libseaudit/src/filter-internal.h')
-rw-r--r-- | libseaudit/src/filter-internal.h | 109 |
1 files changed, 109 insertions, 0 deletions
diff --git a/libseaudit/src/filter-internal.h b/libseaudit/src/filter-internal.h
new file mode 100644
index 0000000..abfa908
--- /dev/null
+++ b/libseaudit/src/filter-internal.h
@@ -0,0 +1,109 @@
+/**
+ * @file
+ * Protected interface for seaudit filters.
+ *
+ * @author Jeremy A. Mowery jmowery@tresys.com
+ * @author Jason Tang jtang@tresys.com
+ * @author Jeremy Solt jsolt@tresys.com
+ *
+ * Copyright (C) 2006-2007 Tresys Technology, LLC
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
+ */
+
+#ifndef SEAUDIT_FILTER_INTERNAL_H
+#define SEAUDIT_FILTER_INTERNAL_H
+
+#include "seaudit_internal.h"
+
+struct seaudit_filter
+{
+ seaudit_filter_match_e match;
+ char *name;
+ char *desc;
+ bool strict;
+ /** model that is watching this filter */
+ seaudit_model_t *model;
+ /** vector of strings, for source users */
+ apol_vector_t *src_users;
+ /** vector of strings, for source roles */
+ apol_vector_t *src_roles;
+ /** vector of strings, for source types */
+ apol_vector_t *src_types;
+ /** vector of strings, for source mls levels */
+ apol_vector_t *src_mls_lvl;
+ /** vector of strings, for source mls clearance */
+ apol_vector_t *src_mls_clr;
+ /** vector of strings, for target users */
+ apol_vector_t *tgt_users;
+ /** vector of strings, for target roles */
+ apol_vector_t *tgt_roles;
+ /** vector of strings, for target types */
+ apol_vector_t *tgt_types;
+ /** vector of strings, for target mls levels */
+ apol_vector_t *tgt_mls_lvl;
+ /** vector of strings, for target mls clearance */
+ apol_vector_t *tgt_mls_clr;
+ /** vector of strings, for target object classes */
+ apol_vector_t *tgt_classes;
+ /** criteria for permissions, glob expression */
+ char *perm;
+ /** criteria for executable, glob expression */
+ char *exe;
+ /** criteria for host, glob expression */
+ char *host;
+ /** criteria for path, glob expression */
+ char *path;
+ /** inode criterion, as a literal value */
+ unsigned long inode;
+ /** pid criterion, as a literal value */
+ unsigned int pid;
+ /** criterion for command, glob expression */
+ char *comm;
+ /** criterion for IP address, glob expression */
+ char *anyaddr;
+ /** criterion for local address, glob expression */
+ char *laddr;
+ /** criterion for foreign address, glob expression */
+ char *faddr;
+ /** criterion for source address, glob expression */
+ char *saddr;
+ /** criterion for destination address, glob expression */
+ char *daddr;
+ /** criterion for any of the ports, exact match */
+ int anyport;
+ /** criterion for local port, exact match */
+ int lport;
+ /** criterion for foreign port, exact match */
+ int fport;
+ /** criterion for source port, exact match */
+ int sport;
+ /** criterion for destination port, exact match */
+ int dport;
+ /** criterion for just plain port, exact match */
+ int port;
+ /** criterion for netif, exact match */
+ char *netif;
+ /** criterion for IPC key, exact match */
+ int key;
+ /** criterion for capability, exact match */
+ int cap;
+ /** criterion for AVC message type */
+ seaudit_avc_message_type_e avc_msg_type;
+ struct tm *start, *end;
+ seaudit_filter_date_match_e date_match;
+};
+
+#endif |
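Review bot: `unsigned long inode;` in struct seaudit_filter is only 32 bits wide on ILP32 targets, while inode numbers in audit records can be larger, so an inode criterion could be truncated there and fail to select the records an analyst asked for. A fixed-width field such as `uint64_t inode;` would avoid that, provided `<stdint.h>` is reachable through `seaudit_internal.h` and the parsing and comparison code (not visible in this hunk) is widened to match. The numeric criteria (`inode`, `pid`, the six port fields, `key`, `cap`) also never say which value means "criterion not set"; each doc comment should state the sentinel, e.g. `/** pid criterion, as a literal value; <sentinel> means unset */` with the real value filled in from the implementation. `start`, `end` and `date_match` have no doc comment at all, and the header does not say whether the filter owns the `char *`, `struct tm *` and `apol_vector_t *` members, which is what a maintainer needs to know to avoid leaks or double frees.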