src/helper/helper-nfacct-rule.h

   1 /*
   2  * Copyright (c) 2016 Samsung Electronics Co., Ltd.
   3  *
   4  * Licensed under the Apache License, Version 2.0 (the "License");
   5  * you may not use this file except in compliance with the License.
   6  * You may obtain a copy of the License at
   7  *
   8  * http://www.apache.org/licenses/LICENSE-2.0
   9  *
  10  * Unless required by applicable law or agreed to in writing, software
  11  * distributed under the License is distributed on an "AS IS" BASIS,
  12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13  * See the License for the specific language governing permissions and
  14  * limitations under the License.
  15  */
  16
  17 #ifndef __STC_NFACCT_RULE_H__
  18 #define __STC_NFACCT_RULE_H__
  19
  20 #include "stc-db.h"
  21
  22 #include <stdbool.h>
  23 #include <sys/types.h>
  24 #include <unistd.h>
  25
  26 #include "helper-nl.h"
  27
  28 #define NFACCT_NAME_MAX 32
  29
  30 typedef enum {
  31         NFACCT_COUNTER_UNKNOWN,
  32         NFACCT_COUNTER_IN = (1 << 1),
  33         NFACCT_COUNTER_OUT = (1 << 2),
  34         NFACCT_COUNTER_FORWARD = (1 << 3),
  35         NFACCT_COUNTER_LAST_ELEM
  36 } nfacct_rule_direction;
  37
  38 typedef enum {
  39         NFACCT_ACTION_UNKNOWN,
  40         NFACCT_ACTION_APPEND,
  41         NFACCT_ACTION_DELETE,
  42         NFACCT_ACTION_INSERT,
  43         NFACCT_ACTION_LAST_ELEM,
  44 } nfacct_rule_action;
  45
  46 typedef enum {
  47         NFACCT_JUMP_UNKNOWN,
  48         NFACCT_JUMP_ACCEPT,
  49         NFACCT_JUMP_REJECT,
  50         NFACCT_JUMP_LAST_ELEM,
  51 } nfacct_rule_jump;
  52
  53 typedef enum {
  54         NFACCT_COUNTER,
  55         NFACCT_WARN,
  56         NFACCT_BLOCK,
  57         NFACCT_ALLOW,
  58         NFACCT_TETH_COUNTER,
  59         NFACCT_TETH_WARN,
  60         NFACCT_TETH_BLOCK,
  61         NFACCT_TETH_ALLOW,
  62         NFACCT_RULE_LAST_ELEM,
  63 } nfacct_rule_intend;
  64
  65 typedef enum {
  66         NFACCT_TYPE_UNKNOWN,
  67         NFACCT_TYPE_IPV4,
  68         NFACCT_TYPE_IPV6,
  69         NFACCT_TYPE_IPV4_IPV6,
  70         NFACCT_TYPE_LAST_ELEM
  71 } nfacct_rule_iptype;
  72
  73 typedef enum {
  74         NFACCT_IPRANGE_TYPE_NONE,
  75         NFACCT_IPRANGE_TYPE_SINGLE,
  76         NFACCT_IPRANGE_TYPE_MASK,
  77         NFACCT_IPRANGE_TYPE_RANGE,
  78 } nfacct_rule_iprange_type;
  79
  80 enum nfnl_acct_flags {
  81         NFACCT_F_QUOTA_PKTS     = (1 << 0),
  82         NFACCT_F_QUOTA_BYTES    = (1 << 1),
  83         NFACCT_F_OVERQUOTA      = (1 << 2), /* can't be set from userspace */
  84 };
  85
  86 /**
  87  * it's better to have
  88  * base nfacct_rule with following fields:
  89  *  name, ifname, pid, classid, iftype, intend, carg, iptables_rule
  90  *
  91  *  and inherited nfacct_rule_counter and nfacct_rule_restriction
  92  *  with additional field:
  93  *      quota, quota_id, roaming, rstn_state
  94  *
  95  * But ANSI C doesn't support inheritance.
  96  */
  97 struct nfacct_rule {
  98         char name[NFACCT_NAME_MAX];
  99         char ifname[MAX_IFACE_LENGTH];
 100
 101         pid_t pid;
 102         uint32_t classid;
 103         stc_iface_type_e iftype;
 104         nfacct_rule_action action;
 105         nfacct_rule_direction iotype;
 106         nfacct_rule_intend intend;
 107         nfacct_rule_jump jump; /* in most cases jump is evalutation based on intend, but not always */
 108         stc_app_state_e app_state;
 109         stc_rstn_state_e rstn_state;
 110         nfacct_rule_iptype iptype;
 111         nfacct_rule_iprange_type src_iprange_type;
 112         nfacct_rule_iprange_type dst_iprange_type;
 113         char *src_ip1;
 114         char *src_ip2;
 115         char *dst_ip1;
 116         char *dst_ip2;
 117
 118         struct counter_arg *carg;
 119         stc_error_e(*iptables_rule)(struct nfacct_rule *counter);
 120         int64_t quota;
 121         int quota_id;
 122         stc_roaming_type_e roaming;
 123
 124         int64_t send_limit;
 125         int64_t rcv_limit;
 126 };
 127
 128 typedef struct nfacct_rule nfacct_rule_s;
 129
 130 struct counter_arg;
 131
 132 void generate_counter_name(nfacct_rule_s *counter);
 133 bool recreate_counter_by_name(char *cnt_name, nfacct_rule_s *counter);
 134
 135 stc_error_e nfacct_send_get_all(struct counter_arg *carg);
 136 stc_error_e produce_net_rule(nfacct_rule_s *rule);
 137
 138 netlink_serialization_command *
 139 netlink_create_command(struct netlink_serialization_params *params);
 140
 141 #endif /* __STC_NFACCT_RULE_H__ */
 142