ipc.h

基于TDI驱动编写的个人防火墙程序。包括驱动模块、应用层规则配置及加载模块。

// -*- mode: C++; tab-width: 4; indent-tabs-mode: nil -*- (for GNU Emacs)
//
// $Id: ipc.h,v 1.5 2002/12/05 13:03:54 dev Exp $

#ifndef _ipc_h_
#define _ipc_h_

/* ioctls */

#define FILE_DEVICE_TDI_FW		0x8e86

#define IOCTL_CMD_GETREQUEST	CTL_CODE(FILE_DEVICE_TDI_FW, 0x801, METHOD_BUFFERED, FILE_WRITE_DATA)
#define IOCTL_CMD_CLEARCHAIN	CTL_CODE(FILE_DEVICE_TDI_FW, 0x802, METHOD_BUFFERED, FILE_READ_DATA)
#define IOCTL_CMD_APPENDRULE	CTL_CODE(FILE_DEVICE_TDI_FW, 0x804, METHOD_BUFFERED, FILE_READ_DATA)
#define IOCTL_CMD_SETCHAINPNAME	CTL_CODE(FILE_DEVICE_TDI_FW, 0x805, METHOD_BUFFERED, FILE_READ_DATA)
#define IOCTL_CMD_SETPNAME		CTL_CODE(FILE_DEVICE_TDI_FW, 0x806, METHOD_BUFFERED, FILE_READ_DATA)

/*
 * direction type for filter
 * for quick filter:
 *  if proto == IPPROTO_TCP (DIRECTION_IN - accept connections; DIRECTION_OUT - connect)
 *  if proto == IPPROTO_UDP (DIRECTION_IN - receive datagram; DIRECTION_OUT - send datagram)
 */
#define DIRECTION_IN    1
#define DIRECTION_OUT   2

/* filter result */
#define FILTER_ALLOW    1
#define FILTER_DENY     2

/* types of request */
#define TYPE_CONNECT		1
#define TYPE_DATAGRAM		2
#define TYPE_RESOLVE_PID	3

/*
 * request for filter
 */
struct flt_request {
	int		struct_size;	/* should be sizeof(flt_request) */

	int		type;			/* see TYPE_xxx */

	int		result;			/* see FILTER_xxx */
	int		direction;		/* see DIRECTION_xxx */
	int		proto;			/* see IPPROTO_xxx */

	ULONG	pid;

	/* addr */

	struct {
		struct	sockaddr from;
		struct	sockaddr to;
		int		len;
	} addr;

	/* info for logging */

	ULONG	log_skipped;
	
	/* for internal use (like private:) */

	char	*pname;
};

/*
 * IP rule for quick filter (addr & port are in network order)
 */
struct flt_rule {
	union {
		struct	flt_rule *next;		// for internal use
		int		chain;				// useful for IOCTL_CMD_APPENDRULE
	};
	int		result;
	int		proto;
	int		direction;
	ULONG	addr_from;
	ULONG	mask_from;
	USHORT	port_from;
	USHORT	port2_from;		/* if nonzero use port range from port_from */
	ULONG	addr_to;
	ULONG	mask_to;
	USHORT	port_to;
	USHORT	port2_to;		/* if nonzero use port range from port_to */
	int		log;			/* if nonzero log using of this rule */
};

// I think 32 is a good number :-) (better than 64 :))
#define MAX_CHAINS_COUNT	32

#endif