dpm-ctrl_dfw.c File Reference

Relating to managing the firewall filters. More...

#include "dpm-ctrl_main.h"
#include <jnx/junos_dfw_api.h>
#include <jnx/provider_info.h>
#include "dpm-ctrl_dfw.h"
#include <errno.h>
#include <limits.h>

Go to the source code of this file.

Defines

#define KB_BYTES   1024
 Bytes in a KB.
#define FULL_PREFIX_LEN   32
 bit needed for a full mask of an address
#define ERR_BUF_SIZE   256

Functions

static void session_connect (junos_dfw_session_handle_t handle, junos_dfw_session_connect_return_t code, junos_dfw_client_id_t *client_id_list, int num_client_ids)
static void session_state_changed (junos_dfw_session_handle_t handle, junos_dfw_session_state_t state)
static void transaction_rejected (junos_dfw_session_handle_t handle, uint64_t ctx, junos_dfw_trans_reject_reason_info_t reason_info)
static void transaction_accepted (junos_dfw_session_handle_t handle, uint64_t ctx, uint32_t dfw_idx)
status_t init_dfw (evContext ctx)
void shutdown_dfw (void)
boolean dfw_ready (void)
void reset_all_filters (boolean new_filter_mode)
void create_policer (policer_info_t *policer)
void apply_default_int_policy (const char *int_name, const char *ingress_pol, const char *egress_pol)
int apply_subscriber_policer (const char *int_name, const char *sub_name, in_addr_t address, const char *pol_name)
int revoke_subscriber_policer (const char *int_name, const char *sub_name)

Variables

static junos_dfw_session_handle_t dfw_handle
 the handle for all things DFW
static junos_dfw_client_id_t dpm_cid
 assigned ID when ready
static boolean ready = FALSE
 ready to use (after init)
static boolean use_classic_filters = FALSE
 filter application mode (T/F value)

Detailed Description

Relating to managing the firewall filters.

These functions and types will manage the firewall filters.

Definition in file dpm-ctrl_dfw.c.

Function Documentation

void apply_default_int_policy ( const char *  int_name,
const char *  ingress_pol,
const char *  egress_pol 
)

Add an ingress and egress filter to the interface using the given policiers as actions

Parameters:
[in] int_name The interface (IFL) name
[in] ingress_pol The policier to use in the ingress filter
[in] egress_pol The policier to use in the egress filter

Definition at line 409 of file dpm-ctrl_dfw.c.

References dfw_handle, dpm_cid, LOG, and use_classic_filters.

Referenced by configuration_complete().

int apply_subscriber_policer ( const char *  int_name,
const char *  sub_name,
in_addr_t  address,
const char *  pol_name 
)

Add a term to the ingress and egress filter where the subscriber's traffic gets routed through in order to police their traffic with their specific policer

Parameters:
[in] int_name The interface the subscriber's traffic gets routed through
[in] sub_name The subscriber name
[in] address The subscriber's address
[in] pol_name The policier to apply on subscriber traffic
Returns:
0 upon success, -1 on failure (with error logged)

Definition at line 630 of file dpm-ctrl_dfw.c.

References dfw_handle, dpm_cid, FULL_PREFIX_LEN, LOG, and use_classic_filters.

Referenced by apply_policy().

void create_policer ( policer_info_t policer  ) 

Create a policer using the DFWD

Parameters:
[in] policer The policer's information

Definition at line 307 of file dpm-ctrl_dfw.c.

References policer_info_s::action, pol_conf_s::bandwidth_limit, pol_conf_s::bandwidth_percent, pol_conf_s::burst_size_limit, pol_conf_s::bw_in_percent, pol_conf_s::bw_u, dfw_handle, pol_action_s::discard, dpm_cid, policer_info_s::if_exceeding, KB_BYTES, LOG, and policer_info_s::name.

Referenced by configuration_complete().

boolean dfw_ready ( void   ) 

Is the module ready to start using (sending requests)

Returns:
TRUE or FALSE

Definition at line 273 of file dpm-ctrl_dfw.c.

References ready.

Referenced by dpm_init(), and wait_for_dfw().

status_t init_dfw ( evContext  ctx  ) 

Initialize the connection to the dfwd

Parameters:
[in] ctx event context
Returns:
SUCCESS if successful; otherwise EFAIL with an error message.

Definition at line 196 of file dpm-ctrl_dfw.c.

References dfw_handle, INSIST_ERR, LOG, ready, session_connect(), session_state_changed(), transaction_accepted(), and transaction_rejected().

Referenced by dpm_init().

void reset_all_filters ( boolean  new_filter_mode  ) 

Purge filters and reset mode

Parameters:
[in] new_filter_mode Use classic filters

Definition at line 286 of file dpm-ctrl_dfw.c.

References dfw_handle, dpm_cid, LOG, ready, and use_classic_filters.

Referenced by configuration_complete().

int revoke_subscriber_policer ( const char *  int_name,
const char *  sub_name 
)

Delete terms in the ingress and egress filter where the subscriber's traffic gets routed through in order to police their traffic with their specific policer

Parameters:
[in] int_name The interface the subscriber's traffic gets routed through
[in] sub_name The subscriber name
Returns:
0 upon success, -1 on failure (with error logged)

Definition at line 802 of file dpm-ctrl_dfw.c.

References dfw_handle, dpm_cid, LOG, and use_classic_filters.

Referenced by remove_policy().

static void session_connect ( junos_dfw_session_handle_t  handle,
junos_dfw_session_connect_return_t  code,
junos_dfw_client_id_t *  client_id_list,
int  num_client_ids 
) [static]

The connection to DFWD was accepted or has failed

Parameters:
[in] handle DFW handle
[in] code code to indicate status of connection
[in] client_id_list List of client IDs
[in] num_client_ids Number of IDs in client_id_list

Definition at line 64 of file dpm-ctrl_dfw.c.

References dfw_handle, dpm_cid, INSIST_ERR, LOG, and ready.

Referenced by init_dfw().

static void session_state_changed ( junos_dfw_session_handle_t  handle,
junos_dfw_session_state_t  state 
) [static]

The connection to DFWD has gone down unexpectedly

Parameters:
[in] handle DFW handle
[in] state connection state

Definition at line 113 of file dpm-ctrl_dfw.c.

References dfw_handle, INSIST_ERR, LOG, and ready.

Referenced by init_dfw().

void shutdown_dfw ( void   ) 

Close down and free all resources

Definition at line 255 of file dpm-ctrl_dfw.c.

References dfw_handle, and ready.

Referenced by dpm_quit().

static void transaction_accepted ( junos_dfw_session_handle_t  handle,
uint64_t  ctx,
uint32_t  dfw_idx 
) [static]

Report DFW transaction as accepted

Parameters:
[in] handle DFW handle
[in] ctx Transaction context
[in] reason_info The transaction index assigned by DFWD

Definition at line 173 of file dpm-ctrl_dfw.c.

References dfw_handle, INSIST_ERR, and LOG.

Referenced by init_dfw().

static void transaction_rejected ( junos_dfw_session_handle_t  handle,
uint64_t  ctx,
junos_dfw_trans_reject_reason_info_t  reason_info 
) [static]

Report DFW transaction as rejected

Parameters:
[in] handle DFW handle
[in] ctx Transaction context
[in] reason_info Reason for rejection

Definition at line 145 of file dpm-ctrl_dfw.c.

References dfw_handle, INSIST_ERR, and LOG.

Referenced by init_dfw().

© 2007-2009 Juniper Networks, Inc. All rights reserved. The information contained herein is confidential information of Juniper Networks, Inc., and may not be used, disclosed, distributed, modified, or copied without the prior written consent of Juniper Networks, Inc. in an express license. This information is subject to change by Juniper Networks, Inc. Juniper Networks, the Juniper Networks logo, and JUNOS are registered trademarks of Juniper Networks, Inc. in the United States and other countries. All other trademarks, service marks, registered trademarks, or registered service marks are the property of their respective owners.
Generated on Sun May 30 20:26:54 2010 for SDK Your Net Corporation Dynamic Policy Manager Example: dpm-ctrl 1.0 by Doxygen 1.5.1