/*
* Copyright (C) 2007, 2008 Red Hat, Inc.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*
* Authors:
* Mark McLoughlin <markmc@redhat.com>
*/
#ifndef __QEMUD_IPTABLES_H__
# define __QEMUD_IPTABLES_H__
# include "network.h"
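/*
 * Opaque handle for this module's iptables state. Only the forward
 * declaration is visible in this header, so code that includes it can
 * hold and pass the pointer but cannot read or copy the structure.
 */
typedef struct _iptablesContext iptablesContext;

/*
 * Create a context and return a pointer to it.
 *
 * The failure convention is not visible in this header -- presumably
 * NULL when the context cannot be created, so check the result before
 * passing it to any other function here (confirm in iptables.c).
 */
iptablesContext *iptablesContextNew (void);

/*
 * Release a context obtained from iptablesContextNew(). The pointer must
 * not be used after this call.
 *
 * NOTE(review): whether freeing the context also removes the rules that
 * were added through it is not shown here. Teardown code should call the
 * matching iptablesRemove*() functions unless iptables.c says otherwise.
 */
void iptablesContextFree (iptablesContext *ctx);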
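/*
 * Add / remove the input rule for TCP traffic on @iface to @port.
 * (What the rule matches is inferred from the names; the implementation
 * is not part of this header.)
 *
 * @ctx:   context from iptablesContextNew()
 * @iface: interface name, a caller-supplied string
 * @port:  port number. It is a plain int, so the type does not restrict
 *         it to 0-65535 -- NOTE(review): confirm that the caller or the
 *         implementation range-checks it before it reaches a rule.
 *
 * Returns int. The success/failure encoding is not visible here; callers
 * should check it rather than assume the rule is in place (Add) or gone
 * (Remove). Remove presumably has to be given the same @iface and @port
 * as the Add it undoes -- confirm in iptables.c.
 */
int iptablesAddTcpInput (iptablesContext *ctx,
                         const char *iface,
                         int port);
int iptablesRemoveTcpInput (iptablesContext *ctx,
                            const char *iface,
                            int port);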
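/*
 * Add / remove the input rule for UDP traffic on @iface to @port.
 * (What the rule matches is inferred from the names; the implementation
 * is not part of this header.)
 *
 * @ctx:   context from iptablesContextNew()
 * @iface: interface name, a caller-supplied string
 * @port:  port number. It is a plain int, so negative or >65535 values
 *         are representable -- NOTE(review): confirm where the range is
 *         checked.
 *
 * Returns int; the encoding of success and failure is not visible here,
 * so callers should check the result. Remove presumably needs the same
 * @iface and @port that were passed to Add.
 */
int iptablesAddUdpInput (iptablesContext *ctx,
                         const char *iface,
                         int port);
int iptablesRemoveUdpInput (iptablesContext *ctx,
                            const char *iface,
                            int port);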
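/*
 * Add / remove the forwarding "allow out" rule for the network
 * @netaddr/@prefix on @iface. (Direction and match details are inferred
 * from the name; see iptables.c for the rule that is generated.)
 *
 * @ctx:     context from iptablesContextNew()
 * @netaddr: network address (virSocketAddr, declared in network.h). The
 *           pointer is not const-qualified; whether the callee modifies
 *           it is not visible here.
 * @prefix:  prefix length. The type is unsigned int, so it is not bounded
 *           to the width of the address family (32 for IPv4) --
 *           NOTE(review): confirm it is validated. If it becomes the
 *           rule's address mask, as the name suggests, a prefix of 0
 *           would match every address.
 * @iface:   interface name, a caller-supplied string
 * @physdev: second device name; presumably the physical device the rule
 *           is restricted to. Whether NULL is accepted is not shown here.
 *
 * Returns int; the success/failure encoding is not visible in this
 * header. Remove presumably needs exactly the arguments given to Add,
 * otherwise the allow rule would stay installed -- confirm in iptables.c.
 */
int iptablesAddForwardAllowOut (iptablesContext *ctx,
                                virSocketAddr *netaddr,
                                unsigned int prefix,
                                const char *iface,
                                const char *physdev);
int iptablesRemoveForwardAllowOut (iptablesContext *ctx,
                                   virSocketAddr *netaddr,
                                   unsigned int prefix,
                                   const char *iface,
                                   const char *physdev);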
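/*
 * Add / remove the forwarding "allow related in" rule for the network
 * @netaddr/@prefix on @iface. Judging by the name, the rule admits only
 * inbound traffic that belongs to an already tracked connection, which
 * is narrower than iptablesAddForwardAllowIn() -- the header does not
 * show the generated rule, so confirm in iptables.c.
 *
 * @ctx:     context from iptablesContextNew()
 * @netaddr: network address (virSocketAddr, declared in network.h)
 * @prefix:  prefix length; unsigned int, so not bounded by the type to
 *           the address family's width -- NOTE(review): confirm it is
 *           validated
 * @iface:   interface name, a caller-supplied string
 * @physdev: second device name, presumably the physical device to match;
 *           NULL handling is not visible here
 *
 * Returns int; the success/failure encoding is not visible in this
 * header, so callers should check it. Remove presumably needs the same
 * arguments that were given to Add.
 */
int iptablesAddForwardAllowRelatedIn(iptablesContext *ctx,
                                     virSocketAddr *netaddr,
                                     unsigned int prefix,
                                     const char *iface,
                                     const char *physdev);
int iptablesRemoveForwardAllowRelatedIn(iptablesContext *ctx,
                                        virSocketAddr *netaddr,
                                        unsigned int prefix,
                                        const char *iface,
                                        const char *physdev);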
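/*
 * Add / remove the forwarding "allow in" rule for the network
 * @netaddr/@prefix on @iface. Judging by the name, this admits inbound
 * traffic to that network without a connection-state condition, so it is
 * the broader of the two inbound variants declared in this header --
 * confirm the generated rule in iptables.c.
 *
 * @ctx:     context from iptablesContextNew()
 * @netaddr: network address (virSocketAddr, declared in network.h)
 * @prefix:  prefix length; unsigned int, so the type does not bound it
 *           to the address family's width -- NOTE(review): confirm it is
 *           validated, since a too-short prefix widens what the rule
 *           admits
 * @iface:   interface name, a caller-supplied string
 * @physdev: second device name, presumably the physical device to match;
 *           NULL handling is not visible here
 *
 * Returns int; the success/failure encoding is not visible in this
 * header. Remove presumably needs the same arguments as the Add it
 * undoes, otherwise the allow rule would stay installed.
 */
int iptablesAddForwardAllowIn (iptablesContext *ctx,
                               virSocketAddr *netaddr,
                               unsigned int prefix,
                               const char *iface,
                               const char *physdev);
int iptablesRemoveForwardAllowIn (iptablesContext *ctx,
                                  virSocketAddr *netaddr,
                                  unsigned int prefix,
                                  const char *iface,
                                  const char *physdev);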
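/*
 * Add / remove the forwarding "allow cross" rule for @iface. Judging by
 * the name, it permits traffic that enters and leaves through the same
 * interface; the header carries no address or prefix for it, so the rule
 * is scoped by @iface alone -- confirm in iptables.c.
 *
 * @ctx:   context from iptablesContextNew()
 * @iface: interface name, a caller-supplied string
 *
 * Returns int; the success/failure encoding is not visible here, so
 * callers should check the result.
 */
int iptablesAddForwardAllowCross (iptablesContext *ctx,
                                  const char *iface);
int iptablesRemoveForwardAllowCross (iptablesContext *ctx,
                                     const char *iface);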
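/*
 * Add / remove the forwarding "reject out" rule for @iface.
 *
 * @ctx:   context from iptablesContextNew()
 * @iface: interface name, a caller-supplied string
 *
 * iptables evaluates a chain in order and stops at the first matching
 * rule, so this reject only takes effect for traffic that no earlier
 * allow rule has matched. NOTE(review): where this module places the
 * rule relative to the iptablesAddForwardAllow*() rules is not visible
 * in this header -- confirm in iptables.c.
 *
 * Returns int; the success/failure encoding is not visible here. A
 * failed Add would leave the interface without this reject, so callers
 * should check the result.
 */
int iptablesAddForwardRejectOut (iptablesContext *ctx,
                                 const char *iface);
int iptablesRemoveForwardRejectOut (iptablesContext *ctx,
                                    const char *iface);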
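/*
 * Add / remove the forwarding "reject in" rule for @iface.
 *
 * @ctx:   context from iptablesContextNew()
 * @iface: interface name, a caller-supplied string
 *
 * iptables stops at the first matching rule in a chain, so the position
 * of this reject relative to the allow rules decides which inbound
 * traffic it covers. NOTE(review): the ordering this module uses is not
 * visible in this header -- confirm in iptables.c.
 *
 * Returns int; the success/failure encoding is not visible here, so
 * callers should check it rather than assume the reject is installed.
 */
int iptablesAddForwardRejectIn (iptablesContext *ctx,
                                const char *iface);
int iptablesRemoveForwardRejectIn (iptablesContext *ctx,
                                   const char *iface);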
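/*
 * Add / remove the masquerade (source NAT) rule for the network
 * @netaddr/@prefix. (Rule details are inferred from the name; the
 * implementation is not part of this header.)
 *
 * @ctx:      context from iptablesContextNew()
 * @netaddr:  network address (virSocketAddr, declared in network.h)
 * @prefix:   prefix length; unsigned int, so the type does not bound it
 *            to the address family's width -- NOTE(review): confirm it
 *            is validated, since it presumably decides which source
 *            addresses are translated
 * @physdev:  device name, presumably the outgoing physical device the
 *            rule is restricted to; NULL handling is not visible here
 * @protocol: caller-supplied string, presumably the protocol the rule is
 *            limited to; which values (and whether NULL) are accepted is
 *            not visible here
 *
 * Returns int; the success/failure encoding is not visible in this
 * header. Remove presumably needs the same arguments as the Add it
 * undoes, otherwise the NAT rule would stay installed.
 */
int iptablesAddForwardMasquerade (iptablesContext *ctx,
                                  virSocketAddr *netaddr,
                                  unsigned int prefix,
                                  const char *physdev,
                                  const char *protocol);
int iptablesRemoveForwardMasquerade (iptablesContext *ctx,
                                     virSocketAddr *netaddr,
                                     unsigned int prefix,
                                     const char *physdev,
                                     const char *protocol);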
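/*
 * Add / remove the output rule that fixes up UDP checksums for @iface
 * and @port. (Inferred from the name: presumably packets leaving @iface
 * for @port get their UDP checksum filled in; see iptables.c for the
 * rule that is generated.)
 *
 * @ctx:   context from iptablesContextNew()
 * @iface: interface name, a caller-supplied string
 * @port:  port number. It is a plain int, so the type does not restrict
 *         it to 0-65535 -- NOTE(review): confirm where the range is
 *         checked.
 *
 * Returns int; the success/failure encoding is not visible here, so
 * callers should check the result. Remove presumably needs the same
 * @iface and @port that were passed to Add.
 */
int iptablesAddOutputFixUdpChecksum (iptablesContext *ctx,
                                     const char *iface,
                                     int port);
int iptablesRemoveOutputFixUdpChecksum (iptablesContext *ctx,
                                        const char *iface,
                                        int port);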
#endif /* __QEMUD_IPTABLES_H__ */