52 lines
1.2 KiB
C
52 lines
1.2 KiB
C
#ifndef _ACL_H_
|
|
#define _ACL_H_
|
|
|
|
#include "lwip/ip.h"
|
|
#include "lwip/pbuf.h"
|
|
|
|
#define MAX_NO_ACLS 4
|
|
#define MAX_ACL_ENTRIES 20
|
|
|
|
#define ACL_DENY 0x0
|
|
#define ACL_ALLOW 0x1
|
|
#define ACL_MONITOR 0x2
|
|
|
|
typedef struct _acl_entry
|
|
{
|
|
uint32_t src;
|
|
uint32_t s_mask;
|
|
uint32_t dest;
|
|
uint32_t d_mask;
|
|
uint16_t s_port;
|
|
uint16_t d_port;
|
|
uint8_t proto;
|
|
uint8_t allow;
|
|
uint32_t hit_count;
|
|
} acl_entry;
|
|
|
|
extern acl_entry acl[MAX_NO_ACLS][MAX_ACL_ENTRIES];
|
|
extern uint8_t acl_freep[MAX_NO_ACLS];
|
|
extern uint32_t acl_allow_count;
|
|
extern uint32_t acl_deny_count;
|
|
|
|
typedef uint8_t (*packet_deny_cb)(uint8_t proto, uint32_t saddr, uint16_t s_port, uint32_t daddr, uint16_t d_port, uint8_t allow);
|
|
|
|
void acl_init();
|
|
bool acl_is_empty(uint8_t acl_no);
|
|
void acl_clear(uint8_t acl_no);
|
|
void acl_clear_stats(uint8_t acl_no);
|
|
bool acl_add(uint8_t acl_no,
|
|
uint32_t src,
|
|
uint32_t s_mask,
|
|
uint32_t dest,
|
|
uint32_t d_mask,
|
|
uint8_t proto,
|
|
uint16_t s_port,
|
|
uint16_t d_port,
|
|
uint8_t allow);
|
|
uint8_t acl_check_packet(uint8_t acl_no, struct pbuf *p);
|
|
void acl_set_deny_cb(packet_deny_cb cb);
|
|
void acl_show(uint8_t acl_no, uint8_t *buf);
|
|
|
|
#endif /* _ACL_H_ */
|