xorp

FirewallManager Class Reference

Firewall configuration manager.

#include <firewall_manager.hh>

Classes

class  BrowseState

Public Member Functions

 FirewallManager (FeaNode &fea_node, const IfTree &iftree)
 Constructor.
virtual ~FirewallManager ()
 Virtual destructor.
EventLoop & eventloop ()
 Get a reference to the EventLoop instance.
const IfTree & iftree () const
 Get a reference to the interface configuration.
ProcessStatus status (string &reason) const
 Get the status code.
int start_transaction (uint32_t &tid, string &error_msg)
 Start firewall-related transaction.
int commit_transaction (uint32_t tid, string &error_msg)
 Commit firewall-related transaction.
int abort_transaction (uint32_t tid, string &error_msg)
 Abort firewall-related transaction.
int add_transaction_operation (uint32_t tid, const TransactionManager::Operation &op, string &error_msg)
 Add operation to firewall-related transaction.
int register_firewall_get (FirewallGet *firewall_get, bool is_exclusive)
 Register FirewallGet plugin.
int unregister_firewall_get (FirewallGet *firewall_get)
 Unregister FirewallGet plugin.
int register_firewall_set (FirewallSet *firewall_set, bool is_exclusive)
 Register FirewallSet plugin.
int unregister_firewall_set (FirewallSet *firewall_set)
 Unregister FirewallSet plugin.
int start (string &error_msg)
 Start operation.
int stop (string &error_msg)
 Stop operation.
int add_entry (const FirewallEntry &firewall_entry, string &error_msg)
 Add a single firewall entry that will be pushed into the underlying system.
int replace_entry (const FirewallEntry &firewall_entry, string &error_msg)
 Replace a single firewall entry that will be pushed into the underlying system.
int delete_entry (const FirewallEntry &firewall_entry, string &error_msg)
 Delete a single firewall entry that will be pushed into the underlying system.
int set_table4 (const list< FirewallEntry > &firewall_entry_list, string &error_msg)
 Set the IPv4 firewall table.
int set_table6 (const list< FirewallEntry > &firewall_entry_list, string &error_msg)
 Set the IPv6 firewall table.
int delete_all_entries4 (string &error_msg)
 Delete all entries in the IPv4 firewall table.
int delete_all_entries6 (string &error_msg)
 Delete all entries in the IPv6 firewall table.
int get_table4 (list< FirewallEntry > &firewall_entry_list, string &error_msg)
 Obtain the IPv4 firewall table.
int get_table6 (list< FirewallEntry > &firewall_entry_list, string &error_msg)
 Obtain the IPv6 firewall table.
int get_entry_list_start4 (uint32_t &token, bool &more, string &error_msg)
 Get a token for a list of IPv4 firewall entries.
int get_entry_list_start6 (uint32_t &token, bool &more, string &error_msg)
 Get a token for a list of IPv6 firewall entries.
int get_entry_list_next4 (uint32_t token, FirewallEntry &firewall_entry, bool &more, string &error_msg)
 Get the next item in a list of IPv4 firewall entries.
int get_entry_list_next6 (uint32_t token, FirewallEntry &firewall_entry, bool &more, string &error_msg)
 Get the next item in a list of IPv6 firewall entries.
void delete_browse_state (uint32_t token)
 Delete browse state for a particular token.

Private Member Functions

int update_entries (string &error_msg)
 Update the firewall entries by pushing them into the underlying system.
void generate_token ()
 Generate a new token that is available.

Private Attributes

FeaNode & _fea_node
EventLoop & _eventloop
const IfTree & _iftree
FirewallTransactionManager * _ftm
list< FirewallGet * > _firewall_gets
list< FirewallSet * > _firewall_sets
uint32_t _next_token
map< uint32_t, BrowseState * > _browse_db
list< FirewallEntry > _added_entries
list< FirewallEntry > _replaced_entries
list< FirewallEntry > _deleted_entries
bool _is_running

Detailed Description

Firewall configuration manager.


Constructor & Destructor Documentation

FirewallManager::FirewallManager (FeaNode & fea_node, const IfTree & iftree)

Constructor.

Parameters:
fea_node  the FEA node.
iftree    the interface configuration tree to use.

Member Function Documentation

int FirewallManager::abort_transaction (uint32_t tid, string & error_msg)

Abort firewall-related transaction.

Parameters:
tid        the transaction ID.
error_msg  the error message (if error).
Returns:
XORP_OK on success, otherwise XORP_ERROR.

int FirewallManager::add_entry (const FirewallEntry & firewall_entry, string & error_msg)

Add a single firewall entry that will be pushed into the underlying system.

Parameters:
firewall_entry  the entry to add.
error_msg       the error message (if error).
Returns:
XORP_OK on success, otherwise XORP_ERROR.

int FirewallManager::add_transaction_operation (uint32_t tid, const TransactionManager::Operation & op, string & error_msg)

Add operation to firewall-related transaction.

Parameters:
tid        the transaction ID.
op         the operation to add.
error_msg  the error message (if error).
Returns:
XORP_OK on success, otherwise XORP_ERROR.

int FirewallManager::commit_transaction (uint32_t tid, string & error_msg)

Commit firewall-related transaction.

Parameters:
tid        the transaction ID.
error_msg  the error message (if error).
Returns:
XORP_OK on success, otherwise XORP_ERROR.

int FirewallManager::delete_all_entries4 (string & error_msg)

Delete all entries in the IPv4 firewall table.

Parameters:
error_msg  the error message (if error).
Returns:
XORP_OK on success, otherwise XORP_ERROR.

int FirewallManager::delete_all_entries6 (string & error_msg)

Delete all entries in the IPv6 firewall table.

Parameters:
error_msg  the error message (if error).
Returns:
XORP_OK on success, otherwise XORP_ERROR.

void FirewallManager::delete_browse_state (uint32_t token)

Delete browse state for a particular token.

Parameters:
token  the token for the state to delete.

int FirewallManager::delete_entry (const FirewallEntry & firewall_entry, string & error_msg)

Delete a single firewall entry that will be pushed into the underlying system.

Parameters:
firewall_entry  the entry to delete.
error_msg       the error message (if error).
Returns:
XORP_OK on success, otherwise XORP_ERROR.

EventLoop & FirewallManager::eventloop () [inline]

Get a reference to the EventLoop instance.

Returns:
a reference to the EventLoop instance.

int FirewallManager::get_entry_list_next4 (uint32_t token, FirewallEntry & firewall_entry, bool & more, string & error_msg)

Get the next item in a list of IPv4 firewall entries.

Parameters:
token           returned by a previous call to get_entry_list_start4.
firewall_entry  the firewall entry.
more            true if the list has more items remaining.
error_msg       the error message (if error).
Returns:
XORP_OK on success, otherwise XORP_ERROR.

int FirewallManager::get_entry_list_next6 (uint32_t token, FirewallEntry & firewall_entry, bool & more, string & error_msg)

Get the next item in a list of IPv6 firewall entries.

Parameters:
token           returned by a previous call to get_entry_list_start6.
firewall_entry  the firewall entry.
more            true if the list has more items remaining.
error_msg       the error message (if error).
Returns:
XORP_OK on success, otherwise XORP_ERROR.

int FirewallManager::get_entry_list_start4 (uint32_t & token, bool & more, string & error_msg)

Get a token for a list of IPv4 firewall entries.

Parameters:
token      to be provided when calling get_entry_list_next4.
more       true if the list is not empty.
error_msg  the error message (if error).
Returns:
XORP_OK on success, otherwise XORP_ERROR.

int FirewallManager::get_entry_list_start6 (uint32_t & token, bool & more, string & error_msg)

Get a token for a list of IPv6 firewall entries.

Parameters:
token      to be provided when calling get_entry_list_next6.
more       true if the list is not empty.
error_msg  the error message (if error).
Returns:
XORP_OK on success, otherwise XORP_ERROR.

int FirewallManager::get_table4 (list< FirewallEntry > & firewall_entry_list, string & error_msg)

Obtain the IPv4 firewall table.

Parameters:
firewall_entry_list  the return-by-reference list with all entries in the IPv4 firewall table.
error_msg            the error message (if error).
Returns:
XORP_OK on success, otherwise XORP_ERROR.

int FirewallManager::get_table6 (list< FirewallEntry > & firewall_entry_list, string & error_msg)

Obtain the IPv6 firewall table.

Parameters:
firewall_entry_list  the return-by-reference list with all entries in the IPv6 firewall table.
error_msg            the error message (if error).
Returns:
XORP_OK on success, otherwise XORP_ERROR.

const IfTree & FirewallManager::iftree () const [inline]

Get a reference to the interface configuration.

Returns:
a reference to the interface configuration.

int FirewallManager::register_firewall_get (FirewallGet * firewall_get, bool is_exclusive)

Register FirewallGet plugin.

Parameters:
firewall_get  the plugin to register.
is_exclusive  if true, the plugin is registered as the exclusive plugin, otherwise is added to the list of plugins.
Returns:
XORP_OK on success, otherwise XORP_ERROR.

int FirewallManager::register_firewall_set (FirewallSet * firewall_set, bool is_exclusive)

Register FirewallSet plugin.

Parameters:
firewall_set  the plugin to register.
is_exclusive  if true, the plugin is registered as the exclusive plugin, otherwise is added to the list of plugins.
Returns:
XORP_OK on success, otherwise XORP_ERROR.

int FirewallManager::replace_entry (const FirewallEntry & firewall_entry, string & error_msg)

Replace a single firewall entry that will be pushed into the underlying system.

Parameters:
firewall_entry  the entry to replace.
error_msg       the error message (if error).
Returns:
XORP_OK on success, otherwise XORP_ERROR.

int FirewallManager::set_table4 (const list< FirewallEntry > & firewall_entry_list, string & error_msg)

Set the IPv4 firewall table.

Parameters:
firewall_entry_list  the list with all entries to install into the IPv4 firewall table.
error_msg            the error message (if error).
Returns:
XORP_OK on success, otherwise XORP_ERROR.

int FirewallManager::set_table6 (const list< FirewallEntry > & firewall_entry_list, string & error_msg)

Set the IPv6 firewall table.

Parameters:
firewall_entry_list  the list with all entries to install into the IPv6 firewall table.
error_msg            the error message (if error).
Returns:
XORP_OK on success, otherwise XORP_ERROR.

int FirewallManager::start (string & error_msg)

Start operation.

Parameters:
error_msg  the error message (if error).
Returns:
XORP_OK on success, otherwise XORP_ERROR.

int FirewallManager::start_transaction (uint32_t & tid, string & error_msg)

Start firewall-related transaction.

Parameters:
tid        the return-by-reference new transaction ID.
error_msg  the error message (if error).
Returns:
XORP_OK on success, otherwise XORP_ERROR.

ProcessStatus FirewallManager::status (string & reason) const

Get the status code.

Parameters:
reason  the human-readable reason for any failure.
Returns:
the status code.

int FirewallManager::stop (string & error_msg)

Stop operation.

Parameters:
error_msg  the error message (if error).
Returns:
XORP_OK on success, otherwise XORP_ERROR.

int FirewallManager::unregister_firewall_get (FirewallGet * firewall_get)

Unregister FirewallGet plugin.

Parameters:
firewall_get  the plugin to unregister.
Returns:
XORP_OK on success, otherwise XORP_ERROR.

int FirewallManager::unregister_firewall_set (FirewallSet * firewall_set)

Unregister FirewallSet plugin.

Parameters:
firewall_set  the plugin to unregister.
Returns:
XORP_OK on success, otherwise XORP_ERROR.

int FirewallManager::update_entries (string & error_msg) [private]

Update the firewall entries by pushing them into the underlying system.

Parameters:
error_msg  the error message (if error).
Returns:
XORP_OK on success, otherwise XORP_ERROR.

The documentation for this class was generated from the following files: