1 // SPDX-License-Identifier: GPL-2.0-or-later
3 * Route filtering function.
4 * Copyright (C) 1998 Kunihiro Ishiguro
7 #ifndef _ZEBRA_FILTER_H
8 #define _ZEBRA_FILTER_H
17 /* Maximum ACL name length */
18 #define ACL_NAMSIZ 128
20 /** Cisco host wildcard mask. */
21 #define CISCO_HOST_WILDCARD_MASK "0.0.0.0"
22 /** Cisco host wildcard binary mask. */
23 #define CISCO_BIN_HOST_WILDCARD_MASK INADDR_ANY
25 /** Cisco any wildcard mask. */
26 #define CISCO_ANY_WILDCARD_MASK "255.255.255.255"
27 /** Cisco binary any wildcard mask. */
28 #define CISCO_BIN_ANY_WILDCARD_MASK INADDR_NONE
30 /* Filter direction. */
35 /* Filter type is made by `permit', `deny' and `dynamic'. */
36 enum filter_type
{ FILTER_DENY
, FILTER_PERMIT
, FILTER_DYNAMIC
};
39 /* Cisco access-list */
42 struct in_addr addr_mask
;
44 struct in_addr mask_mask
;
48 /* If this filter is "exact" match then this flag is set. */
51 /* Prefix information. */
55 /* Forward declaration of access-list struct. */
58 /* Filter element of access list */
60 /* For doubly linked list. */
64 /* Parent access-list pointer. */
65 struct access_list
*acl
;
67 /* Filter type information. */
68 enum filter_type type
;
73 /* Cisco access-list */
77 struct filter_cisco cfilter
;
78 struct filter_zebra zfilter
;
87 struct access_master
*master
;
89 struct access_list
*next
;
90 struct access_list
*prev
;
96 /* List of access_list. */
97 struct access_list_list
{
98 struct access_list
*head
;
99 struct access_list
*tail
;
102 /* Master structure of access_list. */
103 struct access_master
{
104 /* List of access_list which name is string. */
105 struct access_list_list str
;
107 /* Hook function which is executed when new access_list is added. */
108 void (*add_hook
)(struct access_list
*);
110 /* Hook function which is executed when access_list is deleted. */
111 void (*delete_hook
)(struct access_list
*);
115 /* Prototypes for access-list. */
116 extern void access_list_init(void);
117 extern void access_list_reset(void);
118 extern void access_list_add_hook(void (*func
)(struct access_list
*));
119 extern void access_list_delete_hook(void (*func
)(struct access_list
*));
120 extern struct access_list
*access_list_lookup(afi_t
, const char *);
121 extern enum filter_type
access_list_apply(struct access_list
*access
,
124 struct access_list
*access_list_get(afi_t afi
, const char *name
);
125 void access_list_delete(struct access_list
*access
);
126 struct filter
*filter_new(void);
127 void access_list_filter_add(struct access_list
*access
,
128 struct filter
*filter
);
129 void access_list_filter_delete(struct access_list
*access
,
130 struct filter
*filter
);
131 int64_t filter_new_seq_get(struct access_list
*access
);
133 extern const struct frr_yang_module_info frr_filter_info
;
137 enum yang_access_list_type
{
143 enum yang_prefix_list_type
{
148 enum yang_prefix_list_action
{
153 struct acl_dup_args
{
154 /** Access list type ("ipv4", "ipv6" or "mac"). */
155 const char *ada_type
;
156 /** Access list name. */
157 const char *ada_name
;
160 const char *ada_action
;
162 #define ADA_MAX_VALUES 4
163 /** Entry XPath for value. */
164 const char *ada_xpath
[ADA_MAX_VALUES
];
165 /** Entry value to match. */
166 const char *ada_value
[ADA_MAX_VALUES
];
168 /** Duplicated entry found in list? */
171 /** Sequence number of the found entry */
174 /** (Optional) Already existing `dnode`. */
175 const struct lyd_node
*ada_entry_dnode
;
179 * Check for duplicated entries using the candidate configuration.
181 * \param vty so we can get the candidate config.
182 * \param ada the arguments to check.
184 bool acl_is_dup(const struct lyd_node
*dnode
, struct acl_dup_args
*ada
);
186 struct plist_dup_args
{
187 /** Access list type ("ipv4" or "ipv6"). */
188 const char *pda_type
;
189 /** Access list name. */
190 const char *pda_name
;
193 const char *pda_action
;
196 struct prefix prefix
;
200 /** Duplicated entry found in list? */
203 /** Sequence number of the found entry */
206 /** (Optional) Already existing `dnode`. */
207 const struct lyd_node
*pda_entry_dnode
;
211 * Check for duplicated entries using the candidate configuration.
213 * \param vty so we can get the candidate config.
214 * \param pda the arguments to check.
216 bool plist_is_dup(const struct lyd_node
*dnode
, struct plist_dup_args
*pda
);
222 extern int access_list_cmp(const struct lyd_node
*dnode1
,
223 const struct lyd_node
*dnode2
);
224 extern void access_list_show(struct vty
*vty
, const struct lyd_node
*dnode
,
226 extern void access_list_remark_show(struct vty
*vty
,
227 const struct lyd_node
*dnode
,
229 extern int prefix_list_cmp(const struct lyd_node
*dnode1
,
230 const struct lyd_node
*dnode2
);
231 extern void prefix_list_show(struct vty
*vty
, const struct lyd_node
*dnode
,
233 extern void prefix_list_remark_show(struct vty
*vty
,
234 const struct lyd_node
*dnode
,
237 void filter_cli_init(void);
243 #endif /* _ZEBRA_FILTER_H */