src/helper/helper-nfacct-rule.h

   1 /*
   2  * Copyright (c) 2016 Samsung Electronics Co., Ltd.
   3  *
   4  * Licensed under the Apache License, Version 2.0 (the "License");
   5  * you may not use this file except in compliance with the License.
   6  * You may obtain a copy of the License at
   7  *
   8  * http://www.apache.org/licenses/LICENSE-2.0
   9  *
  10  * Unless required by applicable law or agreed to in writing, software
  11  * distributed under the License is distributed on an "AS IS" BASIS,
  12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13  * See the License for the specific language governing permissions and
  14  * limitations under the License.
  15  */
  16
  17 #ifndef __STC_NFACCT_RULE_H__
  18 #define __STC_NFACCT_RULE_H__
  19
  20 #include "stc-db.h"
  21
  22 #include <stdbool.h>
  23 #include <sys/types.h>
  24 #include <unistd.h>
  25
  26 #include "helper-nl.h"
  27
  28 #define NFACCT_NAME_MAX 32
  29
  30 typedef enum {
  31         NFACCT_COUNTER_UNKNOWN,
  32         NFACCT_COUNTER_IN = (1 << 1),
  33         NFACCT_COUNTER_OUT = (1 << 2),
  34         NFACCT_COUNTER_FORWARD = (1 << 3),
  35         NFACCT_COUNTER_LAST_ELEM
  36 } nfacct_rule_direction;
  37
  38 typedef enum {
  39         NFACCT_ACTION_UNKNOWN,
  40         NFACCT_ACTION_APPEND,
  41         NFACCT_ACTION_DELETE,
  42         NFACCT_ACTION_INSERT,
  43         NFACCT_ACTION_LAST_ELEM,
  44 } nfacct_rule_action;
  45
  46 typedef enum {
  47         NFACCT_JUMP_UNKNOWN,
  48         NFACCT_JUMP_ACCEPT,
  49         NFACCT_JUMP_REJECT,
  50         NFACCT_JUMP_LAST_ELEM,
  51 } nfacct_rule_jump;
  52
  53 typedef enum {
  54         NFACCT_COUNTER,
  55         NFACCT_WARN,
  56         NFACCT_BLOCK,
  57         NFACCT_ALLOW,
  58         NFACCT_TETH_COUNTER,
  59         NFACCT_RULE_LAST_ELEM,
  60 } nfacct_rule_intend;
  61
  62 typedef enum {
  63         NFACCT_TYPE_UNKNOWN,
  64         NFACCT_TYPE_IPV4,
  65         NFACCT_TYPE_IPV6,
  66         NFACCT_TYPE_IPV4_IPV6,
  67         NFACCT_TYPE_LAST_ELEM
  68 } nfacct_rule_iptype;
  69
  70 typedef enum {
  71         NFACCT_IPRANGE_TYPE_NONE,
  72         NFACCT_IPRANGE_TYPE_SINGLE,
  73         NFACCT_IPRANGE_TYPE_MASK,
  74         NFACCT_IPRANGE_TYPE_RANGE,
  75 } nfacct_rule_iprange_type;
  76
  77 enum nfnl_acct_flags {
  78         NFACCT_F_QUOTA_PKTS     = (1 << 0),
  79         NFACCT_F_QUOTA_BYTES    = (1 << 1),
  80         NFACCT_F_OVERQUOTA      = (1 << 2), /* can't be set from userspace */
  81 };
  82
  83 /**
  84  * it's better to have
  85  * base nfacct_rule with following fields:
  86  *  name, ifname, pid, classid, iftype, intend, carg, iptables_rule
  87  *
  88  *  and inherited nfacct_rule_counter and nfacct_rule_restriction
  89  *  with additional field:
  90  *      quota, quota_id, roaming, rstn_state
  91  *
  92  * But ANSI C doesn't support inheritance.
  93  */
  94 struct nfacct_rule {
  95         char name[NFACCT_NAME_MAX];
  96         char ifname[MAX_IFACE_LENGTH];
  97
  98         pid_t pid;
  99         uint32_t classid;
 100         stc_iface_type_e iftype;
 101         nfacct_rule_action action;
 102         nfacct_rule_direction iotype;
 103         nfacct_rule_intend intend;
 104         nfacct_rule_jump jump; /* in most cases jump is evalutation based on intend, but not always */
 105         stc_rstn_state_e rstn_state;
 106         nfacct_rule_iptype iptype;
 107         nfacct_rule_iprange_type src_iprange_type;
 108         nfacct_rule_iprange_type dst_iprange_type;
 109         char *src_ip1;
 110         char *src_ip2;
 111         char *dst_ip1;
 112         char *dst_ip2;
 113
 114         struct counter_arg *carg;
 115         stc_error_e(*iptables_rule)(struct nfacct_rule *counter);
 116         int64_t quota;
 117         int quota_id;
 118         stc_roaming_type_e roaming;
 119
 120         int64_t send_limit;
 121         int64_t rcv_limit;
 122 };
 123
 124 typedef struct nfacct_rule nfacct_rule_s;
 125
 126 struct counter_arg;
 127
 128 void generate_counter_name(nfacct_rule_s *counter);
 129 bool recreate_counter_by_name(char *cnt_name, nfacct_rule_s *counter);
 130
 131 stc_error_e nfacct_send_get_all(struct counter_arg *carg);
 132 stc_error_e produce_net_rule(nfacct_rule_s *rule);
 133
 134 netlink_serialization_command *
 135 netlink_create_command(struct netlink_serialization_params *params);
 136
 137 #endif /* __STC_NFACCT_RULE_H__ */
 138