xorp

firewall_set_pf.hh

00001 // -*- c-basic-offset: 4; tab-width: 8; indent-tabs-mode: t -*-
00002 
00003 // Copyright (c) 2001-2011 XORP, Inc and Others
00004 //
00005 // This program is free software; you can redistribute it and/or modify
00006 // it under the terms of the GNU General Public License, Version 2, June
00007 // 1991 as published by the Free Software Foundation. Redistribution
00008 // and/or modification of this program under the terms of any other
00009 // version of the GNU General Public License is not permitted.
00010 // 
00011 // This program is distributed in the hope that it will be useful, but
00012 // WITHOUT ANY WARRANTY; without even the implied warranty of
00013 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. For more details,
00014 // see the GNU General Public License, Version 2, a copy of which can be
00015 // found in the XORP LICENSE.gpl file.
00016 // 
00017 // XORP Inc, 2953 Bunker Hill Lane, Suite 204, Santa Clara, CA 95054, USA;
00018 // http://xorp.net
00019 
00020 // $XORP: xorp/fea/data_plane/firewall/firewall_set_pf.hh,v 1.5 2008/10/02 21:57:03 bms Exp $
00021 
00022 #ifndef __FEA_DATA_PLANE_FIREWALL_FIREWALL_SET_PF_HH__
00023 #define __FEA_DATA_PLANE_FIREWALL_FIREWALL_SET_PF_HH__
00024 
00025 
00026 
00027 #include "fea/firewall_set.hh"
00028 
00029 
00030 class FirewallSetPf : public FirewallSet {
          // FirewallSet subclass for the PF back end: it keeps a descriptor
          // for firewall access (_fd), the PF device name (_pf_device_name)
          // and a local copy of the IPv4/IPv6 entries.
          //
          // Only declarations are visible in this header. Every operation
          // returns an int status and takes a string& error_msg argument;
          // presumably XORP_OK on success and XORP_ERROR with error_msg filled
          // in on failure -- TODO confirm against the implementation file.
          //
          // NOTE(review): the class holds a raw descriptor (_fd) and declares
          // no copy constructor or copy assignment here. Unless the FirewallSet
          // base already forbids copying, a copy would carry the same
          // descriptor value as the original -- confirm before copying.
00031 public:
00032     // Firewall entries trie indexed by rule number
          // Despite the name this is a `map` (presumably std::map brought into
          // scope by an included header), keyed by the uint32_t rule number.
00033     typedef map<uint32_t, FirewallEntry> FirewallTrie;
00034 
          // Constructor.
          //   fea_data_plane_manager: data plane manager, passed by non-const
          //     reference; how it is retained is not visible in this header.
          // NOTE(review): this single-argument constructor is not declared
          // `explicit`, so it also permits implicit conversion from a
          // FeaDataPlaneManager&.
00041     FirewallSetPf(FeaDataPlaneManager& fea_data_plane_manager);
00042 
          // Virtual destructor. Whether it releases _fd is not visible here --
          // confirm in the implementation.
00046     virtual ~FirewallSetPf();
00047 
          // Start operation.
          //   error_msg: receives the error description on failure (presumed).
          //   returns: int status (see class comment).
00054     virtual int start(string& error_msg);
00055     
          // Stop operation.
          //   error_msg: receives the error description on failure (presumed).
          //   returns: int status (see class comment).
00062     virtual int stop(string& error_msg);
00063 
          // Apply a batch of changes given as three separate lists.
          //   added_entries:    entries to add.
          //   replaced_entries: entries to replace.
          //   deleted_entries:  entries to delete.
          //   error_msg: receives the error description on failure (presumed).
          //   returns: int status (see class comment).
          // NOTE(review): the header does not state whether the three lists are
          // applied atomically. A partially applied firewall update can leave
          // the rule set different from what the operator intended, so confirm
          // that the implementation uses start_transaction/commit_transaction
          // and calls abort_transaction on any failure.
00073     virtual int update_entries(const list<FirewallEntry>& added_entries,
00074                    const list<FirewallEntry>& replaced_entries,
00075                    const list<FirewallEntry>& deleted_entries,
00076                    string& error_msg);
00077 
          // Set the "4" table (presumably IPv4 -- confirm) from the given list.
          //   firewall_entry_list: entries the table should hold.
          //   error_msg: receives the error description on failure (presumed).
          //   returns: int status (see class comment).
00086     virtual int set_table4(const list<FirewallEntry>& firewall_entry_list,
00087                string& error_msg);
00088 
          // Delete all entries of the "4" table (presumably IPv4 -- confirm).
          //   error_msg: receives the error description on failure (presumed).
          //   returns: int status (see class comment).
          // NOTE(review): check what an emptied table means for traffic
          // (default-permit or default-deny) before relying on this call on a
          // live system.
00095     virtual int delete_all_entries4(string& error_msg);
00096 
          // Set the "6" table (presumably IPv6 -- confirm) from the given list.
          //   firewall_entry_list: entries the table should hold.
          //   error_msg: receives the error description on failure (presumed).
          //   returns: int status (see class comment).
00105     virtual int set_table6(const list<FirewallEntry>& firewall_entry_list,
00106                string& error_msg);
00107 
          // Delete all entries of the "6" table (presumably IPv6 -- confirm).
          //   error_msg: receives the error description on failure (presumed).
          //   returns: int status (see class comment).
          // NOTE(review): same default-policy caveat as delete_all_entries4.
00114     virtual int delete_all_entries6(string& error_msg);
00115 
00116 private:
00117 
          // Add a single firewall entry.
          //   firewall_entry: the entry to add.
          //   error_msg: receives the error description on failure (presumed).
          //   returns: int status (see class comment).
00125     virtual int add_entry(const FirewallEntry& firewall_entry,
00126               string& error_msg);
00127 
          // Replace a single firewall entry.
          //   firewall_entry: the replacement entry.
          //   error_msg: receives the error description on failure (presumed).
          //   returns: int status (see class comment).
00135     virtual int replace_entry(const FirewallEntry& firewall_entry,
00136                   string& error_msg);
00137 
          // Delete a single firewall entry.
          //   firewall_entry: the entry to delete.
          //   error_msg: receives the error description on failure (presumed).
          //   returns: int status (see class comment).
00145     virtual int delete_entry(const FirewallEntry& firewall_entry,
00146                  string& error_msg);
00147 
          // Begin a transaction.
          //   ticket: non-const reference; presumably receives the ticket that
          //     identifies the new transaction -- confirm.
          //   error_msg: receives the error description on failure (presumed).
          //   returns: int status (see class comment).
          // NOTE(review): every successful start should be matched by exactly
          // one commit_transaction or abort_transaction on all paths, including
          // error paths -- verify in the implementation.
00155     int start_transaction(uint32_t& ticket, string& error_msg);
00156 
          // Commit the transaction identified by ticket.
          //   ticket: transaction ticket, passed by value.
          //   error_msg: receives the error description on failure (presumed).
          //   returns: int status (see class comment).
00164     int commit_transaction(uint32_t ticket, string& error_msg);
00165 
          // Abort the transaction identified by ticket.
          //   ticket: transaction ticket, passed by value.
          //   error_msg: receives the error description on failure (presumed).
          //   returns: int status (see class comment).
00173     int abort_transaction(uint32_t ticket, string& error_msg);
00174 
          // Push entries to the firewall; presumably the locally saved
          // _firewall_entries4 / _firewall_entries6 -- confirm.
          //   error_msg: receives the error description on failure (presumed).
          //   returns: int status (see class comment).
          // NOTE(review): if a push fails, the local copies and the installed
          // rules may disagree; confirm how the implementation keeps them in
          // step.
00181     int push_entries(string& error_msg);
00182 
          // Add or delete one entry as part of a transaction.
          //   is_add: presumably true to add and false to delete -- confirm.
          //   ticket: ticket of the transaction the change belongs to.
          //   firewall_entry: the entry to add or delete.
          //   error_msg: receives the error description on failure (presumed).
          //   returns: int status (see class comment).
00192     int add_delete_transaction_entry(bool is_add, uint32_t ticket,
00193                      const FirewallEntry& firewall_entry,
00194                      string& error_msg);
00195 
          // NOTE(review): raw int descriptor with no in-class initialiser; the
          // value used for "not open" and where it is closed are not visible in
          // this header -- confirm the constructor initialises it.
00196     int     _fd;        // The file descriptor for firewall access
00197 
00198     // The locally saved firewall entries
          // One FirewallTrie per table, keyed by rule number ("4" and "6" are
          // presumably the IPv4 and IPv6 tables).
00199     FirewallTrie    _firewall_entries4;
00200     FirewallTrie    _firewall_entries6;
00201 
00202     static const string _pf_device_name;    // The PF device name
00203 };
00204 
00205 #endif // __FEA_DATA_PLANE_FIREWALL_FIREWALL_SET_PF_HH__