PF_RING API
API documentation for PF_RING: high-speed packet capture, filtering and analysis framework.
nbroker_api.h
Go to the documentation of this file.
1 /*
2  * Copyright (C) 2017-2018 ntop.org
3  *
4  * http://www.ntop.org/
5  *
6  * This program is free software; you can redistribute it and/or modify
7  * it under the terms of the GNU Lesses General Public License as published by
8  * the Free Software Foundation; either version 2.1 of the License, or
9  * (at your option) any later version.
10  *
11  */
12 
13 #ifndef NBROKER_API
14 #define NBROKER_API
15 
22 #include <net/if.h>
23 
24 #include "rrc.h"
25 
26 /* This can be used in place of the rule_id parameters to enable automatic rule assignment */
27 #define NBROKER_AUTO_RULE_ID 0
28 
29 #define NBROKER_FLAGS_FAST (1 << 0)
31 /* ************************************************************* */
32 
33 typedef enum {
34  NBROKER_RC_OK = 0,
35  NBROKER_RC_INTERNAL_ERROR, /* a generic error */
36  NBROKER_RC_SYNTAX_ERROR,
37  NBROKER_RC_UNSUPPORTED_MODE, /* the command is not supported in the current text/binary mode */
38  NBROKER_RC_INVALID_DEVICE_PORT,
39  NBROKER_RC_INVALID_REDIRECTION_PORT,
40  NBROKER_RC_RULE_NOT_FOUND,
41  NBROKER_RC_RULE_EXISTS,
42  NBROKER_RC_DEVICE_COMMAND_ERROR, /* an error occurred while setting the command on the physical device */
43  NBROKER_RC_BAD_BINARY_VERSION,
44  NBROKER_RC_CONNECTION_ERROR,
45  NBROKER_RC_BUSY,
46 } nbroker_rc_t;
47 
48 typedef struct {
49  u_int8_t binary_mark;
50  u_int8_t binary_version;
51 } __attribute__((packed))
52 nbroker_command_header_t;
53 
54 /* ************************************************************* */
55 
56 typedef enum {
57  NBROKER_POLICY_DROP,
58  NBROKER_POLICY_PASS
59 } nbroker_policy_t;
60 
61 typedef enum {
62  NBROKER_TYPE_FILTERING,
63  NBROKER_TYPE_STEERING
64 } nbroker_filter_type_t;
65 
66 typedef struct {
67  u_int32_t rule_id;
68  rrc_match_t match;
69  union {
70  nbroker_policy_t policy;
71  u_int8_t steer_to;
72  } u;
73 } nbroker_rule_t;
74 
75 #define CMD_QUEUE_ITEMS 1024 /* pow of 2 */
76 #define CMD_QUEUE_ITEMS_MASK (CMD_QUEUE_ITEMS - 1)
77 
78 typedef enum {
79  CMD_SET_RULE = 0
80 } cmd_type_t;
81 
82 typedef struct {
83  cmd_type_t type;
84  struct {
85  char port[IFNAMSIZ];
86  nbroker_filter_type_t type;
87  u_int32_t rule_id;
88  rrc_match_t match;
89  nbroker_policy_t policy;
90  char redirectionPort[IFNAMSIZ];
91  } rule;
92 } cmd_desc_t;
93 
94 typedef struct {
95  u_int64_t head;
96  u_int64_t tail;
97  cmd_desc_t desc[CMD_QUEUE_ITEMS];
98 } cmd_queue_t;
99 
100 typedef struct nbroker {
101  void *zmq_context, *zmq_requester;
102  int breakloop;
103  u_int32_t flags;
104  pthread_t cmdqthread;
105  cmd_queue_t cmdq;
106 } nbroker_t;
107 
108 /* ************************************************************* */
109 
116 nbroker_rc_t nbroker_init(nbroker_t **bkr, u_int32_t flags);
117 
123 nbroker_rc_t nbroker_term(nbroker_t *bkr);
124 
133 nbroker_rc_t nbroker_set_default_policy(nbroker_t *bkr, const char *port, nbroker_policy_t policy);
134 
140 nbroker_rc_t nbroker_apply_pending_rules(nbroker_t *bkr);
141 
150 nbroker_rc_t nbroker_set_default_steering(nbroker_t *bkr, const char *port, const char *steer_to);
151 
162 nbroker_rc_t nbroker_set_filtering_rule(nbroker_t *bkr, const char *port,
163  u_int32_t *rule_id, const rrc_match_t *match, nbroker_policy_t policy);
164 
174 nbroker_rc_t nbroker_set_steering_rule(nbroker_t *bkr, const char *port,
175  u_int32_t *rule_id, const rrc_match_t *match, const char *steer_to);
176 
185 nbroker_rc_t nbroker_remove_rule_by_id(nbroker_t *bkr, const char *port,
186  u_int32_t rule_id, nbroker_filter_type_t filter_type);
187 
196 nbroker_rc_t nbroker_remove_rule_by_match(nbroker_t *bkr, const char *port,
197  const rrc_match_t *match, nbroker_filter_type_t filter_type);
198 
208 nbroker_rc_t nbroker_list_rules(nbroker_t *bkr, const char *port,
209  nbroker_filter_type_t filter_type, u_int32_t *num_rules, nbroker_rule_t **rules);
210 
219 nbroker_rc_t nbroker_reset_rules(nbroker_t *bkr, const char *port, nbroker_filter_type_t filter_type);
220 
227 nbroker_rc_t nbroker_purge_idle_rules(nbroker_t *bkr, u_int32_t idle_for);
228 
236 nbroker_rc_t nbroker_set_auto_purge(nbroker_t *bkr, u_int32_t idle_for);
237 
245 nbroker_rc_t nbroker_ifname_to_internal_port(nbroker_t *bkr, const char *ifname, u_int8_t *port);
246 
254 nbroker_rc_t nbroker_ifname_to_external_port(nbroker_t *bkr, const char *ifname, u_int8_t *port);
255 
262 rrc_match_t* nbroker_parse_rule(const char *rule);
263 
264 /* TODO
265  * nbroker_rc_t nbroker_get_port_stats(const char *port, nbroker_stats_t *stats);
266  * nbroker_rc_t nbroker_get_rule_stats(const char *port, u_int32_t rule_id, nbroker_stats_t *stats);
267  */
268 
269 #endif
nbroker_rule_t::rule_id
u_int32_t rule_id
Definition: nbroker_api.h:67
cmd_queue_t
Definition: nbroker_api.h:94
nbroker
Definition: nbroker_api.h:100
nbroker_rule_t
Definition: nbroker_api.h:66
nbroker_set_steering_rule
nbroker_rc_t nbroker_set_steering_rule(nbroker_t *bkr, const char *port, u_int32_t *rule_id, const rrc_match_t *match, const char *steer_to)
__attribute__
Definition: pf_ring.h:259
nbroker_remove_rule_by_id
nbroker_rc_t nbroker_remove_rule_by_id(nbroker_t *bkr, const char *port, u_int32_t rule_id, nbroker_filter_type_t filter_type)
nbroker_rule_t::policy
nbroker_policy_t policy
Definition: nbroker_api.h:70
nbroker_term
nbroker_rc_t nbroker_term(nbroker_t *bkr)
nbroker_reset_rules
nbroker_rc_t nbroker_reset_rules(nbroker_t *bkr, const char *port, nbroker_filter_type_t filter_type)
nbroker_rule_t::match
rrc_match_t match
Definition: nbroker_api.h:68
nbroker_remove_rule_by_match
nbroker_rc_t nbroker_remove_rule_by_match(nbroker_t *bkr, const char *port, const rrc_match_t *match, nbroker_filter_type_t filter_type)
nbroker_set_default_steering
nbroker_rc_t nbroker_set_default_steering(nbroker_t *bkr, const char *port, const char *steer_to)
nbroker_set_auto_purge
nbroker_rc_t nbroker_set_auto_purge(nbroker_t *bkr, u_int32_t idle_for)
cmd_desc_t
Definition: nbroker_api.h:82
nbroker_ifname_to_internal_port
nbroker_rc_t nbroker_ifname_to_internal_port(nbroker_t *bkr, const char *ifname, u_int8_t *port)
nbroker_ifname_to_external_port
nbroker_rc_t nbroker_ifname_to_external_port(nbroker_t *bkr, const char *ifname, u_int8_t *port)
nbroker_set_filtering_rule
nbroker_rc_t nbroker_set_filtering_rule(nbroker_t *bkr, const char *port, u_int32_t *rule_id, const rrc_match_t *match, nbroker_policy_t policy)
nbroker_set_default_policy
nbroker_rc_t nbroker_set_default_policy(nbroker_t *bkr, const char *port, nbroker_policy_t policy)
nbroker_rule_t::steer_to
u_int8_t steer_to
Definition: nbroker_api.h:71
rrc.h
RRC library header file (low-level API to configure the switch).
nbroker_list_rules
nbroker_rc_t nbroker_list_rules(nbroker_t *bkr, const char *port, nbroker_filter_type_t filter_type, u_int32_t *num_rules, nbroker_rule_t **rules)
nbroker_purge_idle_rules
nbroker_rc_t nbroker_purge_idle_rules(nbroker_t *bkr, u_int32_t idle_for)
nbroker_init
nbroker_rc_t nbroker_init(nbroker_t **bkr, u_int32_t flags)
nbroker_apply_pending_rules
nbroker_rc_t nbroker_apply_pending_rules(nbroker_t *bkr)
nbroker_parse_rule
rrc_match_t * nbroker_parse_rule(const char *rule)