mirror of
https://gitlab.com/apparmor/apparmor.git
synced 2025-03-04 08:24:42 +01:00
1930675a9b
Signed-off-by: John Johansen <john.johansen@canonical.com> Acked-by: Seth Arnold <seth.arnold@canonical.com> Acked-by: Steve Beattie <steve@nxnw.org>
95 lines
2.4 KiB
C
95 lines
2.4 KiB
C
/*
|
|
* Copyright (c) 2014
|
|
* Canonical, Ltd. (All rights reserved)
|
|
*
|
|
* This program is free software; you can redistribute it and/or
|
|
* modify it under the terms of version 2 of the GNU General Public
|
|
* License published by the Free Software Foundation.
|
|
*
|
|
* This program is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU General Public License
|
|
* along with this program; if not, contact Novell, Inc. or Canonical
|
|
* Ltd.
|
|
*/
|
|
|
|
#ifndef __AA_NETWORK_H
|
|
#define __AA_NETWORK_H
|
|
|
|
#include <fcntl.h>
|
|
#include <netinet/in.h>
|
|
#include <linux/socket.h>
|
|
#include <linux/limits.h>
|
|
#include <arpa/inet.h>
|
|
#include <sys/types.h>
|
|
#include <sys/stat.h>
|
|
#include <stdio.h>
|
|
#include <stdlib.h>
|
|
#include <unistd.h>
|
|
#include <libintl.h>
|
|
|
|
#include "parser.h"
|
|
#include "rule.h"
|
|
#include "profile.h"
|
|
|
|
struct network_tuple {
|
|
const char *family_name;
|
|
unsigned int family;
|
|
const char *type_name;
|
|
unsigned int type;
|
|
const char *protocol_name;
|
|
unsigned int protocol;
|
|
};
|
|
|
|
/* supported AF protocols */
|
|
struct aa_network_entry {
|
|
unsigned int family;
|
|
unsigned int type;
|
|
unsigned int protocol;
|
|
|
|
struct aa_network_entry *next;
|
|
};
|
|
|
|
extern struct aa_network_entry *new_network_ent(unsigned int family,
|
|
unsigned int type,
|
|
unsigned int protocol);
|
|
extern struct aa_network_entry *network_entry(const char *family,
|
|
const char *type,
|
|
const char *protocol);
|
|
extern size_t get_af_max(void);
|
|
|
|
void __debug_network(unsigned int *array, const char *name);
|
|
|
|
struct network {
|
|
unsigned int *allow; /* array of type masks
|
|
* indexed by AF_FAMILY */
|
|
unsigned int *audit;
|
|
unsigned int *deny;
|
|
unsigned int *quiet;
|
|
|
|
network(void) { allow = audit = deny = quiet = NULL; }
|
|
|
|
void dump(void) {
|
|
if (allow)
|
|
__debug_network(allow, "Network");
|
|
if (audit)
|
|
__debug_network(audit, "Audit Net");
|
|
if (deny)
|
|
__debug_network(deny, "Deny Net");
|
|
if (quiet)
|
|
__debug_network(quiet, "Quiet Net");
|
|
}
|
|
};
|
|
|
|
int net_find_type_val(const char *type);
|
|
const char *net_find_type_name(int type);
|
|
int net_find_af_val(const char *af);
|
|
const char *net_find_af_name(unsigned int af);
|
|
const struct network_tuple *net_find_mapping(const char *family,
|
|
const char *type,
|
|
const char *protocol);
|
|
|
|
#endif /* __AA_NETWORK_H */
|