addrfilt.h

   1 /*
   2   chronyd/chronyc - Programs for keeping computer clocks accurate.
   3
   4  **********************************************************************
   5  * Copyright (C) Richard P. Curnow  1997-2002
   6  *
   7  * This program is free software; you can redistribute it and/or modify
   8  * it under the terms of version 2 of the GNU General Public License as
   9  * published by the Free Software Foundation.
  10  *
  11  * This program is distributed in the hope that it will be useful, but
  12  * WITHOUT ANY WARRANTY; without even the implied warranty of
  13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  14  * General Public License for more details.
  15  *
  16  * You should have received a copy of the GNU General Public License along
  17  * with this program; if not, write to the Free Software Foundation, Inc.,
  18  * 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
  19  *
  20  **********************************************************************
  21
  22   =======================================================================
  23
  24   Module for providing an authorisation filter on IP addresses
  25   */
  26
  27 #ifndef GOT_ADDRFILT_H
  28 #define GOT_ADDRFILT_H
  29
  30 #include "addressing.h"
  31
  32 typedef struct ADF_AuthTableInst *ADF_AuthTable;
  33
  34 typedef enum {
  35   ADF_SUCCESS,
  36   ADF_BADSUBNET
  37 } ADF_Status;
  38
  39
  40 /* Create a new table.  The default rule is deny for everything */
  41 extern ADF_AuthTable ADF_CreateTable(void);
  42
  43 /* Allow anything in the supplied subnet, EXCEPT for any more specific
  44    subnets that are already defined */
  45 extern ADF_Status ADF_Allow(ADF_AuthTable table,
  46                             IPAddr *ip,
  47                             int subnet_bits);
  48
  49 /* Allow anything in the supplied subnet, overwriting existing
  50    definitions for any more specific subnets */
  51 extern ADF_Status ADF_AllowAll(ADF_AuthTable table,
  52                                IPAddr *ip,
  53                                int subnet_bits);
  54
  55 /* Deny anything in the supplied subnet, EXCEPT for any more specific
  56    subnets that are already defined */
  57 extern ADF_Status ADF_Deny(ADF_AuthTable table,
  58                            IPAddr *ip,
  59                            int subnet_bits);
  60
  61 /* Deny anything in the supplied subnet, overwriting existing
  62    definitions for any more specific subnets */
  63 extern ADF_Status ADF_DenyAll(ADF_AuthTable table,
  64                               IPAddr *ip,
  65                               int subnet_bits);
  66
  67 /* Clear up the table */
  68 extern void ADF_DestroyTable(ADF_AuthTable table);
  69
  70 /* Check whether a given IP address is allowed by the rules in
  71    the table */
  72 extern int ADF_IsAllowed(ADF_AuthTable table,
  73                          IPAddr *ip);
  74
  75 /* Check if at least one address from a given family is allowed by
  76    the rules in the table */
  77 extern int ADF_IsAnyAllowed(ADF_AuthTable table,
  78                             int family);
  79
  80 #endif /* GOT_ADDRFILT_H */