class FirewallEntry

Firewall Table Entry. More...


Annotated List	Files	Globals	Hierarchy	Index	Top

Public Types

enum Action { ACTION_MIN = 0x00, ACTION_ANY = 0x00, ACTION_NONE = 0x01, ACTION_PASS = 0x02, ACTION_DROP = 0x03, ACTION_REJECT = 0x04, ACTION_MAX = 0x05, ACTION_INVALID = 0xff }
enum { RULE_NUMBER_DEFAULT = 0, IP_PROTOCOL_MIN = 0, IP_PROTOCOL_MAX = 255, IP_PROTOCOL_ANY = 0, PORT_MIN = 0, PORT_MAX = 65535, }

Public Methods

explicit FirewallEntry (int family)
FirewallEntry (uint32_t rule_number, const string& ifname, const string& vifname, const IPvXNet& src_network, const IPvXNet& dst_network, uint8_t ip_protocol, uint16_t src_port_begin, uint16_t src_port_end, uint16_t dst_port_begin, uint16_t dst_port_end, FirewallEntry::Action action)
bool is_ipv4 () const
bool is_ipv6 () const
uint32_t rule_number () const
const string& ifname () const
const string& vifname () const
const IPvXNet& src_network () const
const IPvXNet& dst_network () const
uint8_t ip_protocol () const
uint32_t src_port_begin () const
uint32_t src_port_end () const
uint32_t dst_port_begin () const
uint32_t dst_port_end () const
FirewallEntry::Action action () const
void zero ()
bool match (const FirewallEntry& other) const
string str () const

Public Static Methods

static string action2str (FirewallEntry::Action action)
static FirewallEntry::Action str2action (const string& name)

Detailed Description

Representation of a firewall table entry.

enum Action { ACTION_MIN = 0x00, ACTION_ANY = 0x00, ACTION_NONE = 0x01, ACTION_PASS = 0x02, ACTION_DROP = 0x03, ACTION_REJECT = 0x04, ACTION_MAX = 0x05, ACTION_INVALID = 0xff }

Action

enum { RULE_NUMBER_DEFAULT = 0, IP_PROTOCOL_MIN = 0, IP_PROTOCOL_MAX = 255, IP_PROTOCOL_ANY = 0, PORT_MIN = 0, PORT_MAX = 65535, }

explicit FirewallEntry (int family)

FirewallEntry

FirewallEntry (uint32_t rule_number, const string& ifname, const string& vifname, const IPvXNet& src_network, const IPvXNet& dst_network, uint8_t ip_protocol, uint16_t src_port_begin, uint16_t src_port_end, uint16_t dst_port_begin, uint16_t dst_port_end, FirewallEntry::Action action)

FirewallEntry

bool is_ipv4 ()

is_ipv4

[const]

Test whether this is an IPv4 entry.

Returns: true if this is an IPv4 entry, otherwise false.

bool is_ipv6 ()

is_ipv6

[const]

Test whether this is an IPv6 entry.

Returns: true if this is an IPv6 entry, otherwise false.

uint32_t rule_number ()

rule_number

[const]

const string& ifname ()

ifname

[const]

const string& vifname ()

vifname

[const]

const IPvXNet& src_network ()

src_network

[const]

const IPvXNet& dst_network ()

dst_network

[const]

uint8_t ip_protocol ()

ip_protocol

[const]

uint32_t src_port_begin ()

src_port_begin

[const]

uint32_t src_port_end ()

src_port_end

[const]

uint32_t dst_port_begin ()

dst_port_begin

[const]

uint32_t dst_port_end ()

dst_port_end

[const]

FirewallEntry::Action action ()

action

[const]

void zero ()

zero

Reset all members.

bool match (const FirewallEntry& other)

match

[const]

Comparison function for an exact match with the entry.

Note that the action is masked off in the comparison, and only the rule-match part of the tuple is evaluated.

Returns: true if the rule-match portion of the entry is matched, otherwise false.

string action2str (FirewallEntry::Action action)

action2str

[static]

Convert firewall entry action value to a string representation.

Parameters:

action

the action to convert.

Returns: the string representation of the action value.

FirewallEntry::Action str2action (const string& name)

str2action

[static]

Convert string representation to a firewall entry action value.

Parameters:

name

the name of the action. It is one of the following keywords: "none", "pass", "drop", "reject".

Returns: the firewall entry action value if the name is valid, otherwise ACTION_INVALID.

string str ()

str

[const]

Returns: a string representation of the entry.

Generated by: pavlin on kobe.xorp.net on Wed Jan 7 19:10:56 2009, using kdoc 2.0a54+XORP.