xorp
Public Types | |
typedef map< uint32_t, FirewallEntry > | FirewallTrie |
Public Member Functions | |
| FirewallSetNetfilter (FeaDataPlaneManager &fea_data_plane_manager) | |
| Constructor. | |
| virtual | ~FirewallSetNetfilter () |
| Virtual destructor. | |
| virtual int | start (string &error_msg) |
| Start operation. | |
| virtual int | stop (string &error_msg) |
| Stop operation. | |
| virtual int | update_entries (const list< FirewallEntry > &added_entries, const list< FirewallEntry > &replaced_entries, const list< FirewallEntry > &deleted_entries, string &error_msg) |
| Update the firewall entries by pushing them into the underlying system. | |
| virtual int | set_table4 (const list< FirewallEntry > &firewall_entry_list, string &error_msg) |
| Set the IPv4 firewall table. | |
| virtual int | delete_all_entries4 (string &error_msg) |
| Delete all entries in the IPv4 firewall table. | |
| virtual int | set_table6 (const list< FirewallEntry > &firewall_entry_list, string &error_msg) |
| Set the IPv6 firewall table. | |
| virtual int | delete_all_entries6 (string &error_msg) |
| Delete all entries in the IPv6 firewall table. | |
Private Member Functions | |
| virtual int | add_entry (const FirewallEntry &firewall_entry, string &error_msg) |
| Add a single firewall entry. | |
| virtual int | replace_entry (const FirewallEntry &firewall_entry, string &error_msg) |
| Replace a single firewall entry. | |
| virtual int | delete_entry (const FirewallEntry &firewall_entry, string &error_msg) |
| Delete a single firewall entry. | |
| int | encode_chain4 (const string &chain_name, vector< uint8_t > &buffer, size_t &next_data_index, string &error_msg) |
| Encode a single IPv4 firewall chain. | |
| int | encode_chain6 (const string &chain_name, vector< uint8_t > &buffer, size_t &next_data_index, string &error_msg) |
| Encode a single IPv6 firewall chain. | |
| int | encode_entry4 (const FirewallEntry &firewall_entry, vector< uint8_t > &buffer, size_t &next_data_index, string &error_msg) |
| Encode a single IPv4 firewall entry. | |
| int | encode_entry6 (const FirewallEntry &firewall_entry, vector< uint8_t > &buffer, size_t &next_data_index, string &error_msg) |
| Encode a single IPv6 firewall entry. | |
| int | push_entries4 (string &error_msg) |
| Push all locally stored IPv4 firewall entries. | |
| int | push_entries6 (string &error_msg) |
| Push all locally stored IPv6 firewall entries. | |
Private Attributes | |
| int | _s4 |
| int | _s6 |
| FirewallTrie | _firewall_entries4 |
| FirewallTrie | _firewall_entries6 |
| size_t | _num_entries |
| size_t | _head_offset |
| size_t | _foot_offset |
Static Private Attributes | |
| static const string | _netfilter_table_name |
| static const string | _netfilter_match_tcp |
| static const string | _netfilter_match_udp |
| static const string | _netfilter_chain_input |
| static const string | _netfilter_chain_forward |
| static const string | _netfilter_chain_output |
FirewallSetNetfilter::FirewallSetNetfilter (FeaDataPlaneManager &fea_data_plane_manager)
Constructor.
| fea_data_plane_manager | the corresponding data plane manager (FeaDataPlaneManager). |
virtual int FirewallSetNetfilter::add_entry (const FirewallEntry &firewall_entry, string &error_msg) [private, virtual]
virtual int FirewallSetNetfilter::delete_all_entries4 (string &error_msg) [virtual]
Delete all entries in the IPv4 firewall table.
| error_msg | the error message (if error). |
Implements FirewallSet.
virtual int FirewallSetNetfilter::delete_all_entries6 (string &error_msg) [virtual]
Delete all entries in the IPv6 firewall table.
| error_msg | the error message (if error). |
Implements FirewallSet.
virtual int FirewallSetNetfilter::delete_entry (const FirewallEntry &firewall_entry, string &error_msg) [private, virtual]
int FirewallSetNetfilter::encode_chain4 (const string &chain_name, vector< uint8_t > &buffer, size_t &next_data_index, string &error_msg) [private]
Encode a single IPv4 firewall chain.
| chain_name | the name of the chain to encode. |
| buffer | the buffer to store the encoded chain. |
| next_data_index | the return-by-reference index into the buffer with the location to store the encoded chain. |
| error_msg | the error message (if error). |
int FirewallSetNetfilter::encode_chain6 (const string &chain_name, vector< uint8_t > &buffer, size_t &next_data_index, string &error_msg) [private]
Encode a single IPv6 firewall chain.
| chain_name | the name of the chain to encode. |
| buffer | the buffer to store the encoded chain. |
| next_data_index | the return-by-reference index into the buffer with the location to store the encoded chain. |
| error_msg | the error message (if error). |
int FirewallSetNetfilter::encode_entry4 (const FirewallEntry &firewall_entry, vector< uint8_t > &buffer, size_t &next_data_index, string &error_msg) [private]
Encode a single IPv4 firewall entry.
| firewall_entry | the entry to encode. |
| buffer | the buffer to store the encoded entry. |
| next_data_index | the return-by-reference index into the buffer to store the encoded entry. |
| error_msg | the error message (if error). |
int FirewallSetNetfilter::encode_entry6 (const FirewallEntry &firewall_entry, vector< uint8_t > &buffer, size_t &next_data_index, string &error_msg) [private]
Encode a single IPv6 firewall entry.
| firewall_entry | the entry to encode. |
| buffer | the buffer to store the encoded entry. |
| next_data_index | the return-by-reference index into the buffer to store the encoded entry. |
| error_msg | the error message (if error). |
int FirewallSetNetfilter::push_entries4 (string &error_msg) [private]
int FirewallSetNetfilter::push_entries6 (string &error_msg) [private]
virtual int FirewallSetNetfilter::replace_entry (const FirewallEntry &firewall_entry, string &error_msg) [private, virtual]
virtual int FirewallSetNetfilter::set_table4 (const list< FirewallEntry > &firewall_entry_list, string &error_msg) [virtual]
virtual int FirewallSetNetfilter::set_table6 (const list< FirewallEntry > &firewall_entry_list, string &error_msg) [virtual]
virtual int FirewallSetNetfilter::start (string &error_msg) [virtual]
Start operation.
| error_msg | the error message (if error). |
Implements FirewallSet.
virtual int FirewallSetNetfilter::stop (string &error_msg) [virtual]
Stop operation.
| error_msg | the error message (if error). |
Implements FirewallSet.
virtual int FirewallSetNetfilter::update_entries (const list< FirewallEntry > &added_entries, const list< FirewallEntry > &replaced_entries, const list< FirewallEntry > &deleted_entries, string &error_msg) [virtual]
Update the firewall entries by pushing them into the underlying system.
| added_entries | the entries to add. |
| replaced_entries | the entries to replace. |
| deleted_entries | the entries to delete. |
| error_msg | the error message (if error). |
Implements FirewallSet.