/*
* ZeroTier One - Network Virtualization Everywhere
* Copyright (C) 2011-2016 ZeroTier, Inc. https://www.zerotier.com/
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef ZT_FILTER_HPP
#define ZT_FILTER_HPP
#include <stdint.h>
#include "Constants.hpp"
#include "../include/ZeroTierOne.h"
#include "Address.hpp"
#include "MAC.hpp"
namespace ZeroTier {
/**
 * Network packet filter: evaluates VL1, L2 and basic L3 rules, with tag support
 */
class Filter
{
public:
	/**
	 * Evaluate a rule list against a single packet
	 *
	 * The result says whether the packet should be accepted. As a side effect
	 * this may also take other actions, e.g. for the TEE and REDIRECT targets.
	 *
	 * NOTE(review): only the declaration is visible in this header. frameData,
	 * rules, tagKeys and tagValues are raw pointers paired with separate counts
	 * (frameLen, ruleCount, tagCount), so the caller presumably has to guarantee
	 * that each count matches its buffer -- confirm against the implementation.
	 * On the receiving side the frame presumably originates from a remote node,
	 * so also confirm that every read into frameData is checked against frameLen.
	 *
	 * @param nwid ZeroTier network ID
	 * @param receiving True on the receiving side, false on the sending side
	 * @param ztSource Source ZeroTier address
	 * @param ztDest Destination ZeroTier address
	 * @param macSource Ethernet layer source address
	 * @param macDest Ethernet layer destination address
	 * @param frameData Ethernet frame data
	 * @param frameLen Ethernet frame payload length
	 * @param etherType 16-bit ethernet type ID (passed as unsigned int; handling of wider values is not visible here)
	 * @param vlanId 16-bit VLAN ID (passed as unsigned int; handling of wider values is not visible here)
	 * @param rules Pointer to array of rules
	 * @param ruleCount Number of rules
	 * @param tagKeys Tag keys for tags that may be relevant
	 * @param tagValues Tag values for tags that may be relevant
	 * @param tagCount Size of tagKeys[] and tagValues[]
	 * @param sendCopyOfPacketTo Result parameter: if non-NULL on return, a copy of
	 *   this packet is to be sent to that node. NOTE(review): this is a reference,
	 *   so "non-NULL" presumably means a non-nil Address value -- confirm.
	 * @return True if packet should be accepted for send or receive
	 */
	static bool run(
		const uint64_t nwid, const bool receiving,
		const Address &ztSource, const Address &ztDest,
		const MAC &macSource, const MAC &macDest,
		const uint8_t *frameData, const unsigned int frameLen,
		const unsigned int etherType, const unsigned int vlanId,
		const ZT_VirtualNetworkRule *rules, const unsigned int ruleCount,
		const uint32_t *tagKeys, const uint32_t *tagValues, const unsigned int tagCount,
		Address &sendCopyOfPacketTo);
};
} // namespace ZeroTier
#endif