#include <semaphore.h>
#include <sys/types.h>
#include <unistd.h>
#include <stdlib.h>
#include <stdio.h>
#include <pthread.h>
#include <netinet/in.h>
#include <netinet/ip.h>
#include <netinet/tcp.h>
#include <netinet/udp.h>
#include <arpa/inet.h>
#include <linux/netfilter.h>
#include <time.h>
#include "config.h"
#include "proto.h"
Data Structures | |
| struct | Packet_Ids |
| struct | packets_list_t |
| struct | nufw_signals |
| struct | nufw_threadtype |
| struct | nufw_threadargument |
Defines | |
| #define | AUTHREQ_ADDR "127.0.0.1" |
| #define | TRACK_SIZE 1000 |
| #define | PACKET_TIMEOUT 15 |
| #define | HOSTNAME_SIZE 256 |
| #define | FILENAME_SIZE 256 |
| #define | IPQ_SET_VERDICT(PACKETID, DECISION) |
| #define | IPQ_SET_VWMARK(PACKETID, DECISION, NFMARK) |
Typedefs | |
| typedef Packet_Ids | packet_idl |
Enumerations | |
| enum | pckt_state_t { PCKT_NONE = 0, PCKT_WAITING, PCKT_SENT, PCKT_ANSWERED } |
Variables | |
| char * | cert_file |
| char * | key_file |
| char * | ca_file |
| char * | nuauth_cert_dn |
| char | authreq_addr [HOSTNAME_SIZE] |
| unsigned int | authreq_port |
| int | packet_timeout |
| int | track_size |
| int | nufw_set_mark |
| packets_list_t | packets_list |
| ipq_handle * | hndl |
| pthread_mutex_t | ipq_mutex |
| int | pckt_tx |
| int | pckt_rx |
Global variables with their default values. The most important one is packets_list.
Definition in file structure.h.
| #define AUTHREQ_ADDR "127.0.0.1" |
| #define FILENAME_SIZE 256 |
Maximum length of filenames
Definition at line 57 of file structure.h.
| #define HOSTNAME_SIZE 256 |
Maximum size of hostnames (authreq_addr)
Definition at line 56 of file structure.h.
| #define IPQ_SET_VERDICT(PACKETID, DECISION) |
Value:
/* Expansion of IPQ_SET_VERDICT: takes ipq_mutex, calls ipq_set_verdict() on
 * the global handle hndl, then releases the mutex. The return values of
 * ipq_set_verdict() and of the mutex calls are discarded, so a verdict that
 * could not be set is not visible to the caller. PACKETID and DECISION are
 * substituted as written, without added parentheses. */
do { \ pthread_mutex_lock(&ipq_mutex); \ ipq_set_verdict(hndl, PACKETID, DECISION,0,NULL); \ pthread_mutex_unlock(&ipq_mutex); \ } while(0)
Definition at line 192 of file structure.h.
Referenced by auth_process_answer(), clean_old_packets(), packetsrv_ipq_process(), padd(), and psearch_and_destroy().
| #define IPQ_SET_VWMARK(PACKETID, DECISION, NFMARK) |
Value:
/* Expansion of IPQ_SET_VWMARK: takes ipq_mutex, calls ipq_set_vwmark() on
 * the global handle hndl with the given mark, then releases the mutex. The
 * return values of ipq_set_vwmark() and of the mutex calls are discarded, so
 * a verdict or mark that could not be set is not visible to the caller.
 * PACKETID, DECISION and NFMARK are substituted as written, without added
 * parentheses. */
do { \ pthread_mutex_lock(&ipq_mutex); \ ipq_set_vwmark(hndl, PACKETID, DECISION, NFMARK,0,NULL); \ pthread_mutex_unlock(&ipq_mutex); \ } while(0)
Definition at line 199 of file structure.h.
Referenced by auth_process_answer().
| #define PACKET_TIMEOUT 15 |
Default value of packet_timeout
Definition at line 55 of file structure.h.
| #define TRACK_SIZE 1000 |
| typedef struct Packet_Ids packet_idl |
Information about one packet: unique identifier in the netfilter queue, timestamp (initialized by NuFW) and mark (if NuFW is compiled with mark support).
| enum pckt_state_t |
This enum encodes the state of a packet with respect to the interaction between NuFW and NuAuth.
Definition at line 83 of file structure.h.
| char authreq_addr[HOSTNAME_SIZE] |
IP or hostname of NuAuth server address (adr_srv), default value: AUTHREQ_ADDR
Definition at line 65 of file structure.h.
Referenced by main(), and tls_connect().
| unsigned int authreq_port |
Port of NuAuth server address (adr_srv), default value: AUTHREQ_PORT
Definition at line 68 of file structure.h.
Referenced by main(), nuauthconf_from_cmdline(), and tls_connect().
| char* ca_file |
Trust filename used in TLS connection, default value: NULL
Definition at line 61 of file structure.h.
Referenced by main(), nufw_prepare_quit(), and tls_connect().
| char* cert_file |
Certificate filename used in TLS connection, default value: NULL
Definition at line 47 of file main.c.
Referenced by init_checks(), init_x509_filenames(), main(), nufw_prepare_quit(), and tls_connect().
| struct ipq_handle* hndl |
| char* key_file |
Key filename used in TLS connection, default value: NULL
Definition at line 46 of file main.c.
Referenced by init_checks(), init_x509_filenames(), main(), nufw_prepare_quit(), and tls_connect().
| char* nuauth_cert_dn |
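NuAuth certificate filename (the name nuauth_cert_dn suggests a certificate distinguished name rather than a filename; check tls_connect() for how it is used), default value: NULL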
Definition at line 62 of file structure.h.
Referenced by main(), and tls_connect().
| int nufw_set_mark |
If equal to 1, set the mark on the packet using IPQ_SET_VWMARK. Default value: 0
Definition at line 77 of file structure.h.
Referenced by auth_process_answer(), and main().
| int packet_timeout |
Number of seconds before a packet is dropped, default value: PACKET_TIMEOUT
Definition at line 71 of file structure.h.
Referenced by clean_old_packets(), main(), and psearch_and_destroy().
| struct packets_list_t packets_list |
Packet list used to store packets until NuAuth answers. clean_old_packets() and psearch_and_destroy() remove old packets (after packet_timeout seconds).
Referenced by auth_process_answer(), clean_old_packets(), clear_packet_list(), main(), nufw_prepare_quit(), packetsrv_ipq_process(), padd(), psearch_and_destroy(), and psuppress().
| int pckt_rx |
Number of received packets since NuFW is running
Definition at line 208 of file structure.h.
Referenced by main(), packetsrv(), and packetsrv_ipq_process().
| int pckt_tx |
Number of transmitted packets since NuFW is running
Definition at line 207 of file structure.h.
Referenced by auth_process_answer(), and main().
| int track_size |
Maximum size of the packet list (packets_list), default value: TRACK_SIZE
Definition at line 74 of file structure.h.