[mirror_frr.git] / lib / filter.h

// SPDX-License-Identifier: GPL-2.0-or-later
/*
 * Route filtering function.
 * Copyright (C) 1998 Kunihiro Ishiguro
 */

#ifndef _ZEBRA_FILTER_H
#define _ZEBRA_FILTER_H

#include "if.h"
#include "prefix.h"

#ifdef __cplusplus
extern "C" {
#endif

/* Maximum ACL name length */
#define ACL_NAMSIZ                128

/** Cisco host wildcard mask. */
#define CISCO_HOST_WILDCARD_MASK  "0.0.0.0"
/** Cisco host wildcard binary mask. */
#define CISCO_BIN_HOST_WILDCARD_MASK INADDR_ANY

/** Cisco any wildcard mask. */
#define CISCO_ANY_WILDCARD_MASK   "255.255.255.255"
/** Cisco binary any wildcard mask. */
#define CISCO_BIN_ANY_WILDCARD_MASK INADDR_NONE

/* Filter direction.  */
#define FILTER_IN                 0
#define FILTER_OUT                1
#define FILTER_MAX                2

/* Filter type is made by `permit', `deny' and `dynamic'. */
enum filter_type { FILTER_DENY, FILTER_PERMIT, FILTER_DYNAMIC };

struct filter_cisco {
	/* Cisco access-list */
	int extended;
	struct in_addr addr;
	struct in_addr addr_mask;
	struct in_addr mask;
	struct in_addr mask_mask;
};

struct filter_zebra {
	/* If this filter is "exact" match then this flag is set. */
	int exact;

	/* Prefix information. */
	struct prefix prefix;
};

/* Forward declaration of access-list struct. */
struct access_list;

/* Filter element of access list */
struct filter {
	/* For doubly linked list. */
	struct filter *next;
	struct filter *prev;

	/* Parent access-list pointer. */
	struct access_list *acl;

	/* Filter type information. */
	enum filter_type type;

	/* Sequence number */
	int64_t seq;

	/* Cisco access-list */
	int cisco;

	union {
		struct filter_cisco cfilter;
		struct filter_zebra zfilter;
	} u;
};

/* Access list */
struct access_list {
	char *name;
	char *remark;

	struct access_master *master;

	struct access_list *next;
	struct access_list *prev;

	struct filter *head;
	struct filter *tail;
};

/* List of access_list. */
struct access_list_list {
	struct access_list *head;
	struct access_list *tail;
};

/* Master structure of access_list. */
struct access_master {
	/* List of access_list which name is string. */
	struct access_list_list str;

	/* Hook function which is executed when new access_list is added. */
	void (*add_hook)(struct access_list *);

	/* Hook function which is executed when access_list is deleted. */
	void (*delete_hook)(struct access_list *);
};


/* Prototypes for access-list. */
extern void access_list_init(void);
extern void access_list_reset(void);
extern void access_list_add_hook(void (*func)(struct access_list *));
extern void access_list_delete_hook(void (*func)(struct access_list *));
extern struct access_list *access_list_lookup(afi_t, const char *);
extern enum filter_type access_list_apply(struct access_list *access,
					  const void *object);

struct access_list *access_list_get(afi_t afi, const char *name);
void access_list_delete(struct access_list *access);
struct filter *filter_new(void);
void access_list_filter_add(struct access_list *access,
			    struct filter *filter);
void access_list_filter_delete(struct access_list *access,
			       struct filter *filter);
int64_t filter_new_seq_get(struct access_list *access);

extern const struct frr_yang_module_info frr_filter_info;


/* filter_nb.c */
enum yang_access_list_type {
	YALT_IPV4 = 0,
	YALT_IPV6 = 1,
	YALT_MAC = 2,
};

enum yang_prefix_list_type {
	YPLT_IPV4 = 0,
	YPLT_IPV6 = 1,
};

enum yang_prefix_list_action {
	YPLA_DENY = 0,
	YPLA_PERMIT = 1,
};

struct acl_dup_args {
	/** Access list type ("ipv4", "ipv6" or "mac"). */
	const char *ada_type;
	/** Access list name. */
	const char *ada_name;

	/** Entry action. */
	const char *ada_action;

#define ADA_MAX_VALUES 4
	/** Entry XPath for value. */
	const char *ada_xpath[ADA_MAX_VALUES];
	/** Entry value to match. */
	const char *ada_value[ADA_MAX_VALUES];

	/** Duplicated entry found in list? */
	bool ada_found;

	/** Sequence number of the found entry */
	int64_t ada_seq;

	/** (Optional) Already existing `dnode`. */
	const struct lyd_node *ada_entry_dnode;
};

/**
 * Check for duplicated entries using the candidate configuration.
 *
 * \param vty so we can get the candidate config.
 * \param ada the arguments to check.
 */
bool acl_is_dup(const struct lyd_node *dnode, struct acl_dup_args *ada);

struct plist_dup_args {
	/** Access list type ("ipv4" or "ipv6"). */
	const char *pda_type;
	/** Access list name. */
	const char *pda_name;

	/** Entry action. */
	const char *pda_action;

	bool any;
	struct prefix prefix;
	int ge;
	int le;

	/** Duplicated entry found in list? */
	bool pda_found;

	/** Sequence number of the found entry */
	int64_t pda_seq;

	/** (Optional) Already existing `dnode`. */
	const struct lyd_node *pda_entry_dnode;
};

/**
 * Check for duplicated entries using the candidate configuration.
 *
 * \param vty so we can get the candidate config.
 * \param pda the arguments to check.
 */
bool plist_is_dup(const struct lyd_node *dnode, struct plist_dup_args *pda);

/* filter_cli.c */
struct lyd_node;
struct vty;

extern int access_list_cmp(const struct lyd_node *dnode1,
			   const struct lyd_node *dnode2);
extern void access_list_show(struct vty *vty, const struct lyd_node *dnode,
			     bool show_defaults);
extern void access_list_remark_show(struct vty *vty,
				    const struct lyd_node *dnode,
				    bool show_defaults);
extern int prefix_list_cmp(const struct lyd_node *dnode1,
			   const struct lyd_node *dnode2);
extern void prefix_list_show(struct vty *vty, const struct lyd_node *dnode,
			     bool show_defaults);
extern void prefix_list_remark_show(struct vty *vty,
				    const struct lyd_node *dnode,
				    bool show_defaults);

void filter_cli_init(void);

#ifdef __cplusplus
}
#endif

#endif /* _ZEBRA_FILTER_H */
Commit	Line	Data
acddc0ed	1	// SPDX-License-Identifier: GPL-2.0-or-later
718e3744	2	/*
	3	* Route filtering function.
	4	* Copyright (C) 1998 Kunihiro Ishiguro
718e3744	5	*/
	6
	7	#ifndef _ZEBRA_FILTER_H
	8	#define _ZEBRA_FILTER_H
	9
	10	#include "if.h"
4cf24501	11	#include "prefix.h"
718e3744	12
5e244469 RW	13	#ifdef __cplusplus
	14	extern "C" {
	15	#endif
	16
45a8eba9 RW	17	/* Maximum ACL name length */
	18	#define ACL_NAMSIZ 128
	19
0ed507dd RZ	20	/** Cisco host wildcard mask. */
	21	#define CISCO_HOST_WILDCARD_MASK "0.0.0.0"
	22	/** Cisco host wildcard binary mask. */
	23	#define CISCO_BIN_HOST_WILDCARD_MASK INADDR_ANY
	24
	25	/** Cisco any wildcard mask. */
	26	#define CISCO_ANY_WILDCARD_MASK "255.255.255.255"
	27	/** Cisco binary any wildcard mask. */
	28	#define CISCO_BIN_ANY_WILDCARD_MASK INADDR_NONE
	29
039f3a34 DS	30	/* Filter direction. */
	31	#define FILTER_IN 0
	32	#define FILTER_OUT 1
	33	#define FILTER_MAX 2
	34
718e3744	35	/* Filter type is made by `permit', `deny' and `dynamic'. */
d62a17ae	36	enum filter_type { FILTER_DENY, FILTER_PERMIT, FILTER_DYNAMIC };
718e3744	37
4cf24501 RZ	38	struct filter_cisco {
	39	/* Cisco access-list */
	40	int extended;
	41	struct in_addr addr;
	42	struct in_addr addr_mask;
	43	struct in_addr mask;
	44	struct in_addr mask_mask;
	45	};
	46
	47	struct filter_zebra {
	48	/* If this filter is "exact" match then this flag is set. */
	49	int exact;
	50
	51	/* Prefix information. */
	52	struct prefix prefix;
	53	};
	54
	55	/* Forward declaration of access-list struct. */
	56	struct access_list;
	57
	58	/* Filter element of access list */
	59	struct filter {
	60	/* For doubly linked list. */
	61	struct filter *next;
	62	struct filter *prev;
	63
	64	/* Parent access-list pointer. */
	65	struct access_list *acl;
	66
	67	/* Filter type information. */
	68	enum filter_type type;
	69
	70	/* Sequence number */
	71	int64_t seq;
	72
	73	/* Cisco access-list */
	74	int cisco;
	75
	76	union {
	77	struct filter_cisco cfilter;
	78	struct filter_zebra zfilter;
	79	} u;
	80	};
	81
718e3744	82	/* Access list */
d62a17ae	83	struct access_list {
	84	char *name;
	85	char *remark;
718e3744	86
d62a17ae	87	struct access_master *master;
718e3744	88
d62a17ae	89	struct access_list *next;
d62a17ae	90	struct access_list *prev;
718e3744	91
d62a17ae	92	struct filter *head;
d62a17ae	93	struct filter *tail;
718e3744	94	};
718e3744	95
4cf24501 RZ	96	/* List of access_list. */
	97	struct access_list_list {
	98	struct access_list *head;
	99	struct access_list *tail;
	100	};
	101
	102	/* Master structure of access_list. */
	103	struct access_master {
4cf24501 RZ	104	/* List of access_list which name is string. */
	105	struct access_list_list str;
	106
	107	/* Hook function which is executed when new access_list is added. */
	108	void (add_hook)(struct access_list );
	109
	110	/* Hook function which is executed when access_list is deleted. */
	111	void (delete_hook)(struct access_list );
	112	};
	113
	114
718e3744	115	/* Prototypes for access-list. */
d62a17ae	116	extern void access_list_init(void);
	117	extern void access_list_reset(void);
	118	extern void access_list_add_hook(void (func)(struct access_list ));
	119	extern void access_list_delete_hook(void (func)(struct access_list ));
	120	extern struct access_list access_list_lookup(afi_t, const char );
123214ef MS	121	extern enum filter_type access_list_apply(struct access_list *access,
123214ef MS	122	const void *object);
718e3744	123
4cf24501 RZ	124	struct access_list access_list_get(afi_t afi, const char name);
	125	void access_list_delete(struct access_list *access);
	126	struct filter *filter_new(void);
	127	void access_list_filter_add(struct access_list *access,
	128	struct filter *filter);
	129	void access_list_filter_delete(struct access_list *access,
	130	struct filter *filter);
	131	int64_t filter_new_seq_get(struct access_list *access);
4cf24501	132
c2aab693 RZ	133	extern const struct frr_yang_module_info frr_filter_info;
c2aab693 RZ	134
be96651c RZ	135
	136	/* filter_nb.c */
	137	enum yang_access_list_type {
	138	YALT_IPV4 = 0,
	139	YALT_IPV6 = 1,
	140	YALT_MAC = 2,
	141	};
	142
	143	enum yang_prefix_list_type {
	144	YPLT_IPV4 = 0,
	145	YPLT_IPV6 = 1,
	146	};
	147
	148	enum yang_prefix_list_action {
	149	YPLA_DENY = 0,
	150	YPLA_PERMIT = 1,
	151	};
	152
f414129b RZ	153	struct acl_dup_args {
	154	/** Access list type ("ipv4", "ipv6" or "mac"). */
	155	const char *ada_type;
	156	/** Access list name. */
	157	const char *ada_name;
	158
18abe2b9 IR	159	/** Entry action. */
	160	const char *ada_action;
	161
f414129b RZ	162	#define ADA_MAX_VALUES 4
	163	/** Entry XPath for value. */
	164	const char *ada_xpath[ADA_MAX_VALUES];
	165	/** Entry value to match. */
	166	const char *ada_value[ADA_MAX_VALUES];
	167
	168	/** Duplicated entry found in list? */
	169	bool ada_found;
	170
a0145975 IR	171	/** Sequence number of the found entry */
	172	int64_t ada_seq;
	173
f414129b RZ	174	/** (Optional) Already existing `dnode`. */
	175	const struct lyd_node *ada_entry_dnode;
	176	};
	177
	178	/**
	179	* Check for duplicated entries using the candidate configuration.
	180	*
	181	* \param vty so we can get the candidate config.
	182	* \param ada the arguments to check.
	183	*/
	184	bool acl_is_dup(const struct lyd_node dnode, struct acl_dup_args ada);
	185
54d153f7 RZ	186	struct plist_dup_args {
	187	/** Access list type ("ipv4" or "ipv6"). */
	188	const char *pda_type;
	189	/** Access list name. */
	190	const char *pda_name;
	191
4179f151 IR	192	/** Entry action. */
	193	const char *pda_action;
	194
667dcc27 IR	195	bool any;
	196	struct prefix prefix;
	197	int ge;
	198	int le;
54d153f7 RZ	199
	200	/** Duplicated entry found in list? */
	201	bool pda_found;
	202
a0145975 IR	203	/** Sequence number of the found entry */
	204	int64_t pda_seq;
	205
54d153f7 RZ	206	/** (Optional) Already existing `dnode`. */
	207	const struct lyd_node *pda_entry_dnode;
	208	};
	209
	210	/**
	211	* Check for duplicated entries using the candidate configuration.
	212	*
	213	* \param vty so we can get the candidate config.
	214	* \param pda the arguments to check.
	215	*/
	216	bool plist_is_dup(const struct lyd_node dnode, struct plist_dup_args pda);
	217
1d3c4b66 RZ	218	/* filter_cli.c */
	219	struct lyd_node;
	220	struct vty;
	221
25605051 IR	222	extern int access_list_cmp(const struct lyd_node *dnode1,
	223	const struct lyd_node *dnode2);
	224	extern void access_list_show(struct vty vty, const struct lyd_node dnode,
1d3c4b66	225	bool show_defaults);
25605051 IR	226	extern void access_list_remark_show(struct vty *vty,
25605051 IR	227	const struct lyd_node *dnode,
1d3c4b66	228	bool show_defaults);
25605051 IR	229	extern int prefix_list_cmp(const struct lyd_node *dnode1,
	230	const struct lyd_node *dnode2);
	231	extern void prefix_list_show(struct vty vty, const struct lyd_node dnode,
1d3c4b66	232	bool show_defaults);
25605051 IR	233	extern void prefix_list_remark_show(struct vty *vty,
25605051 IR	234	const struct lyd_node *dnode,
1d3c4b66 RZ	235	bool show_defaults);
1d3c4b66 RZ	236
b62578bd RZ	237	void filter_cli_init(void);
b62578bd RZ	238
5e244469 RW	239	#ifdef __cplusplus
	240	}
	241	#endif
	242
718e3744	243	#endif /* _ZEBRA_FILTER_H */