git.proxmox.com Git - mirror_frr.git/blob - lib/filter.h
Merge pull request #9365 from idryzhov/fix-plist-dup-check
1 /*
2 * Route filtering function.
3 * Copyright (C) 1998 Kunihiro Ishiguro
4 *
5 * This file is part of GNU Zebra.
6 *
7 * GNU Zebra is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published
9 * by the Free Software Foundation; either version 2, or (at your
10 * option) any later version.
11 *
12 * GNU Zebra is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License along
18 * with this program; see the file COPYING; if not, write to the Free Software
19 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
20 */
21
22 #ifndef _ZEBRA_FILTER_H
23 #define _ZEBRA_FILTER_H
24
25 #include "if.h"
26 #include "prefix.h"
27
28 #ifdef __cplusplus
29 extern "C" {
30 #endif
31
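/*
 * Maximum ACL name length.
 * NOTE(review): this header does not show whether the value counts the
 * terminating NUL or where it is enforced; struct access_list stores the
 * name as a plain `char *`, so confirm that every writer bounds it.
 */
#define ACL_NAMSIZ 128

/*
 * Cisco wildcard masks are inverted netmasks: a 0 bit must match and a
 * 1 bit is ignored.  Mixing up the host and any constants turns a
 * single-host rule into a match-everything rule (or the reverse).
 */

/** Cisco host wildcard mask (every bit significant: exactly one address). */
#define CISCO_HOST_WILDCARD_MASK "0.0.0.0"
/** Cisco host wildcard binary mask. */
#define CISCO_BIN_HOST_WILDCARD_MASK INADDR_ANY

/** Cisco any wildcard mask (no bit significant: every address matches). */
#define CISCO_ANY_WILDCARD_MASK "255.255.255.255"
/** Cisco binary any wildcard mask. */
#define CISCO_BIN_ANY_WILDCARD_MASK INADDR_NONE

/* Filter direction.  FILTER_MAX is one past the last direction value. */
#define FILTER_IN 0
#define FILTER_OUT 1
#define FILTER_MAX 2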
49
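/*
 * Filter type is made by `permit', `deny' and `dynamic'.
 * FILTER_DENY is the first enumerator (value 0), so a zero-initialised
 * filter_type reads as deny rather than permit.
 */
enum filter_type {
	FILTER_DENY,
	FILTER_PERMIT,
	FILTER_DYNAMIC,
};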
52
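/*
 * Cisco-style access-list entry: addresses paired with wildcard masks.
 * NOTE(review): the field roles are inferred from the names only --
 * presumably addr/addr_mask is the first address and its wildcard, and
 * mask/mask_mask the second pair used when `extended` is set; confirm
 * against filter.c before relying on it.
 */
struct filter_cisco {
	/* Cisco access-list */
	int extended;
	struct in_addr addr;
	struct in_addr addr_mask;
	struct in_addr mask;
	struct in_addr mask_mask;
};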
61
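/* Zebra-style access-list entry: a prefix plus an exact-match flag. */
struct filter_zebra {
	/* If this filter is "exact" match then this flag is set. */
	int exact;

	/* Prefix information. */
	struct prefix prefix;
};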
69
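/* Forward declaration of access-list struct. */
struct access_list;

/* Filter element of access list */
struct filter {
	/* For doubly linked list. */
	struct filter *next;
	struct filter *prev;

	/* Parent access-list pointer. */
	struct access_list *acl;

	/* Filter type information. */
	enum filter_type type;

	/* Sequence number */
	int64_t seq;

	/*
	 * Cisco access-list.
	 * NOTE(review): presumably the discriminator for `u` (non-zero means
	 * u.cfilter is valid, zero means u.zfilter); reading the wrong member
	 * would misinterpret the rule -- confirm in filter.c.
	 */
	int cisco;

	/* Rule payload; only one of the two members is meaningful at a time. */
	union {
		struct filter_cisco cfilter;
		struct filter_zebra zfilter;
	} u;
};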
96
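/* Access list */
struct access_list {
	/*
	 * Name and optional remark.
	 * NOTE(review): both are unbounded `char *`; ownership and any length
	 * limit (see ACL_NAMSIZ) are decided by the code that fills them in,
	 * not by this struct -- confirm in filter.c.
	 */
	char *name;
	char *remark;

	/* Master structure this list is attached to. */
	struct access_master *master;

	/* Links to the neighbouring access lists. */
	struct access_list *next;
	struct access_list *prev;

	/* First and last filter entry of this list. */
	struct filter *head;
	struct filter *tail;
};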
110
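/* List of access_list: first and last element of the chain. */
struct access_list_list {
	struct access_list *head;
	struct access_list *tail;
};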
116
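/* Master structure of access_list. */
struct access_master {
	/* List of access_list which name is string. */
	struct access_list_list str;

	/*
	 * Hook function which is executed when new access_list is added.
	 * NOTE(review): whether a NULL hook is tolerated is decided by the
	 * caller in filter.c -- confirm before leaving it unset.
	 */
	void (*add_hook)(struct access_list *);

	/* Hook function which is executed when access_list is deleted. */
	void (*delete_hook)(struct access_list *);
};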
128
129
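/* Prototypes for access-list. */
extern void access_list_init(void);
extern void access_list_reset(void);

/*
 * Hook registration.
 * NOTE(review): presumably these set access_master.add_hook and
 * access_master.delete_hook -- confirm in filter.c.
 */
extern void access_list_add_hook(void (*func)(struct access_list *));
extern void access_list_delete_hook(void (*func)(struct access_list *));

/* Look up an access list by address family and name. */
extern struct access_list *access_list_lookup(afi_t afi, const char *name);

/*
 * Evaluate `object` against `access` and return the resulting filter type.
 * NOTE(review): this header does not state what is returned when `access`
 * is NULL or when no entry matches; callers that enforce policy depend on
 * that being FILTER_DENY -- confirm in filter.c.  `object` is untyped
 * (`const void *`); presumably a `struct prefix` -- confirm, since any
 * other type would be misread by the matcher.
 */
extern enum filter_type access_list_apply(struct access_list *access,
					  const void *object);

/*
 * Access-list and filter-entry management.
 * NOTE(review): allocation and ownership rules (who frees the filter
 * returned by filter_new(), whether access_list_filter_delete() frees its
 * argument) are not visible here -- confirm in filter.c.
 */
struct access_list *access_list_get(afi_t afi, const char *name);
void access_list_delete(struct access_list *access);
struct filter *filter_new(void);
void access_list_filter_add(struct access_list *access,
			    struct filter *filter);
void access_list_filter_delete(struct access_list *access,
			       struct filter *filter);
int64_t filter_new_seq_get(struct access_list *access);

extern const struct frr_yang_module_info frr_filter_info;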
149
150
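/* filter_nb.c */

/*
 * Access-list type.
 * NOTE(review): the values are assigned explicitly, presumably because
 * they mirror the YANG model -- confirm before renumbering.
 */
enum yang_access_list_type {
	YALT_IPV4 = 0,
	YALT_IPV6 = 1,
	YALT_MAC = 2,
};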
157
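/* Prefix-list type; values are assigned explicitly. */
enum yang_prefix_list_type {
	YPLT_IPV4 = 0,
	YPLT_IPV6 = 1,
};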
162
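/*
 * Prefix-list entry action.  Deny is 0 and permit is 1, the same order as
 * FILTER_DENY / FILTER_PERMIT in enum filter_type, so a zeroed action
 * reads as deny.
 */
enum yang_prefix_list_action {
	YPLA_DENY = 0,
	YPLA_PERMIT = 1,
};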
167
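/* Arguments and results of the access-list duplicate check (acl_is_dup). */
struct acl_dup_args {
	/** Access list type ("ipv4", "ipv6" or "mac"). */
	const char *ada_type;
	/** Access list name. */
	const char *ada_name;

	/** Entry action. */
	const char *ada_action;

	/*
	 * Both arrays below hold exactly ADA_MAX_VALUES slots; fill and read
	 * them with that bound.
	 * NOTE(review): presumably ada_xpath[i] pairs with ada_value[i] and
	 * unused slots stay NULL -- confirm in filter_nb.c.
	 */
#define ADA_MAX_VALUES 4
	/** Entry XPath for value. */
	const char *ada_xpath[ADA_MAX_VALUES];
	/** Entry value to match. */
	const char *ada_value[ADA_MAX_VALUES];

	/** Duplicated entry found in list? */
	bool ada_found;

	/** Sequence number of the found entry */
	int64_t ada_seq;

	/** (Optional) Already existing `dnode`. */
	const struct lyd_node *ada_entry_dnode;
};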
192
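/**
 * Check for duplicated entries using the candidate configuration.
 *
 * \param dnode configuration node the check is run against
 *              (NOTE(review): presumably a node of the candidate
 *              configuration; confirm in filter_nb.c which node is
 *              expected).
 * \param ada the arguments to check.
 * \returns NOTE(review): presumably true when a duplicate was found,
 *          mirroring ada->ada_found -- confirm in filter_nb.c.
 */
bool acl_is_dup(const struct lyd_node *dnode, struct acl_dup_args *ada);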
200
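/* Arguments and results of the prefix-list duplicate check (plist_is_dup). */
struct plist_dup_args {
	/** Prefix list type ("ipv4" or "ipv6"). */
	const char *pda_type;
	/** Prefix list name. */
	const char *pda_name;

	/** Entry action. */
	const char *pda_action;

	/*
	 * Match criteria of the entry being checked.
	 * NOTE(review): presumably `any` means "match any prefix" (with
	 * `prefix` then unused) and `ge` / `le` are the prefix-length bounds;
	 * the value that marks an unset bound is not visible in this header
	 * -- confirm in filter_nb.c.
	 */
	bool any;
	struct prefix prefix;
	int ge;
	int le;

	/** Duplicated entry found in list? */
	bool pda_found;

	/** Sequence number of the found entry */
	int64_t pda_seq;

	/** (Optional) Already existing `dnode`. */
	const struct lyd_node *pda_entry_dnode;
};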
224
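/**
 * Check for duplicated entries using the candidate configuration.
 *
 * \param dnode configuration node the check is run against
 *              (NOTE(review): presumably a node of the candidate
 *              configuration; confirm in filter_nb.c which node is
 *              expected).
 * \param pda the arguments to check.
 * \returns NOTE(review): presumably true when a duplicate was found,
 *          mirroring pda->pda_found -- confirm in filter_nb.c.
 */
bool plist_is_dup(const struct lyd_node *dnode, struct plist_dup_args *pda);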
232
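/* filter_cli.c */

/* Opaque here; only pointers to these types are used in this header. */
struct lyd_node;
struct vty;

/* Access-list CLI helpers: entry comparison and configuration display. */
extern int access_list_cmp(struct lyd_node *dnode1, struct lyd_node *dnode2);
extern void access_list_show(struct vty *vty, struct lyd_node *dnode,
			     bool show_defaults);
extern void access_list_remark_show(struct vty *vty, struct lyd_node *dnode,
				    bool show_defaults);

/* Prefix-list CLI helpers: entry comparison and configuration display. */
extern int prefix_list_cmp(struct lyd_node *dnode1, struct lyd_node *dnode2);
extern void prefix_list_show(struct vty *vty, struct lyd_node *dnode,
			     bool show_defaults);
extern void prefix_list_remark_show(struct vty *vty, struct lyd_node *dnode,
				    bool show_defaults);

void filter_cli_init(void);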
249
250 #ifdef __cplusplus
251 }
252 #endif
253
254 #endif /* _ZEBRA_FILTER_H */