Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

144 lines
3.8 KiB

  1. /*++
  2. Copyright (c) 1999-2001 Microsoft Corporation
  3. Module Name:
  4. ipfirewall.h
  5. Abstract:
  6. Header file for IP firewall hook clients.
  7. --*/
  8. #define INVALID_IF_INDEX 0xffffffff
  9. #define LOCAL_IF_INDEX 0
  10. //
  11. // Indicates whether it is a transmitted or received packet.
  12. //
  13. typedef enum _IP_DIRECTION_E {
  14. IP_TRANSMIT,
  15. IP_RECEIVE
  16. } DIRECTION_E, *PDIRECTION_E;
  17. typedef struct _FIREWALL_CONTEXT_T {
  18. DIRECTION_E Direction;
  19. void *NTE;
  20. void *LinkCtxt;
  21. NDIS_HANDLE LContext1;
  22. UINT LContext2;
  23. } FIREWALL_CONTEXT_T, *PFIREWALL_CONTEXT_T;
  24. // Definition of an IP receive buffer chain.
  25. typedef struct IPRcvBuf {
  26. struct IPRcvBuf *ipr_next; // Next buffer descriptor in chain.
  27. UINT ipr_owner; // Owner of buffer.
  28. UCHAR *ipr_buffer; // Pointer to buffer.
  29. UINT ipr_size; // Buffer size.
  30. PMDL ipr_pMdl;
  31. UINT *ipr_pClientCnt;
  32. UCHAR *ipr_RcvContext;
  33. UINT ipr_RcvOffset;
  34. ULONG ipr_flags;
  35. } IPRcvBuf;
  36. #define IPR_FLAG_CHECKSUM_OFFLOAD 0x00000002
  37. //
  38. // Enum for values that may be returned from filter routine.
  39. //
  40. typedef enum _FORWARD_ACTION {
  41. FORWARD = 0,
  42. DROP = 1,
  43. ICMP_ON_DROP = 2
  44. } FORWARD_ACTION;
  45. // Definiton for a firewall routine callout.
  46. typedef FORWARD_ACTION
  47. (*IPPacketFirewallPtr)(
  48. VOID **pData,
  49. UINT RecvInterfaceIndex,
  50. UINT *pSendInterfaceIndex,
  51. UCHAR *pDestinationType,
  52. VOID *pContext,
  53. UINT ContextLength,
  54. IPRcvBuf **ppRcvBuf
  55. );
  56. extern
  57. int
  58. IPAllocBuff(
  59. IPRcvBuf *pRcvBuf,
  60. UINT Size
  61. );
  62. extern
  63. VOID
  64. IPFreeBuff(
  65. IPRcvBuf *pRcvBuf
  66. );
  67. extern
  68. VOID
  69. FreeIprBuff(
  70. IPRcvBuf *pRcvBuf
  71. );
  72. typedef enum _IPROUTEINFOCLASS {
  73. IPRouteNoInformation,
  74. IPRouteOutgoingFirewallContext,
  75. IPRouteOutgoingFilterContext,
  76. MaxIPRouteInfoClass
  77. } IPROUTEINFOCLASS;
  78. extern
  79. NTSTATUS
  80. LookupRouteInformation(
  81. IN VOID* RouteLookupData,
  82. OUT VOID* RouteEntry OPTIONAL,
  83. IN IPROUTEINFOCLASS RouteInfoClass OPTIONAL,
  84. OUT VOID* RouteInformation OPTIONAL,
  85. IN OUT UINT* RouteInfoLength OPTIONAL
  86. );
  87. // Structure passed to the IPSetFirewallHook call
  88. typedef struct _IP_SET_FIREWALL_HOOK_INFO {
  89. IPPacketFirewallPtr FirewallPtr; // Packet filter callout.
  90. UINT Priority; // Priority of the hook
  91. BOOLEAN Add; // if TRUE then ADD else DELETE
  92. } IP_SET_FIREWALL_HOOK_INFO, *PIP_SET_FIREWALL_HOOK_INFO;
  93. #define DEST_LOCAL 0 // Destination is local.
  94. #define DEST_BCAST 0x01 // Destination is net or local bcast.
  95. #define DEST_SN_BCAST 0x03 // A subnet bcast.
  96. #define DEST_MCAST 0x05 // A local mcast.
  97. #define DEST_REMOTE 0x08 // Destination is remote.
  98. #define DEST_REM_BCAST 0x0b // Destination is a remote broadcast
  99. #define DEST_REM_MCAST 0x0d // Destination is a remote mcast.
  100. #define DEST_INVALID 0xff // Invalid destination
  101. #define DEST_PROMIS 0x20 // Dest is promiscuous
  102. #define DEST_BCAST_BIT 0x01
  103. #define DEST_OFFNET_BIT 0x10 // Destination is offnet -
  104. // used only by upper layer
  105. // callers.
  106. #define DEST_MCAST_BIT 0x05
  107. #define DD_IP_DEVICE_NAME L"\\Device\\Ip"
  108. #define FSCTL_IP_BASE FILE_DEVICE_NETWORK
  109. #define _IP_CTL_CODE(function, method, access) \
  110. CTL_CODE(FSCTL_IP_BASE, function, method, access)
  111. #define IOCTL_IP_SET_FIREWALL_HOOK \
  112. _IP_CTL_CODE(12, METHOD_BUFFERED, FILE_WRITE_ACCESS)