ped_policy_table.h File Reference

For accessing table of managed interfaces/policies.

#include <sync/psd_ipc.h>


Data Structures

struct  ped_policy_filter_s
struct  ped_policy_route_s
struct  policy_table_entry_s

Typedefs

typedef struct ped_policy_filter_s ped_policy_filter_t
typedef struct ped_policy_route_s ped_policy_route_t
typedef struct policy_table_entry_s policy_table_entry_t

Enumerations

enum  policy_filter_status_e { FILTER_UNVERIFIED, FILTER_ADDED, FILTER_FAILED, FILTER_PENDING }
 States of a filter in a policy.
enum  policy_route_status_e { ROUTE_UNVERIFIED, ROUTE_ADDED, ROUTE_FAILED, ROUTE_PENDING }
 States of a route in a policy.

Functions

void init_table (void)
void destroy_table (void)
void policy_table_iterator_reset (void)
policy_table_entry_t * policy_table_next (void)
int policy_table_entry_count (void)
void policy_table_add_filter (policy_filter_msg_t *filter_data)
void policy_table_add_route (policy_route_msg_t *route_data)
void policy_table_clear_policy (char *ifname, uint8_t af)
void policy_table_delete_policy (char *ifname, uint8_t af, boolean interface_exists)
void policy_table_clean (void)
boolean policy_table_unverify_all (void)


Detailed Description

For accessing table of managed interfaces/policies.

Functions for accessing the table of managed interface/family pairs. Each interface and family pair is associated with a policy. A policy consists of an input and an output filter that we (ped) apply on the interface/family (iff).

Definition in file ped_policy_table.h.


Typedef Documentation

typedef struct ped_policy_filter_s ped_policy_filter_t

Structure to hold filter data in the table.

typedef struct ped_policy_route_s ped_policy_route_t

Structure to hold route data in the table.

typedef struct policy_table_entry_s policy_table_entry_t

The value for the hashtable.


Enumeration Type Documentation

enum policy_filter_status_e

States of a filter in a policy.

Enumerator:
FILTER_UNVERIFIED  an added filter that must still be verified as being contained within the policy
FILTER_ADDED  filter has been applied
FILTER_FAILED  filters have not been applied
FILTER_PENDING  request to add filters is pending

Definition at line 37 of file ped_policy_table.h.

enum policy_route_status_e

States of a route in a policy.

Enumerator:
ROUTE_UNVERIFIED  an added route that must still be verified as being contained within the policy
ROUTE_ADDED  route has been applied
ROUTE_FAILED  route has not been applied
ROUTE_PENDING  request to add route is pending

Definition at line 48 of file ped_policy_table.h.


Function Documentation

void destroy_table ( void   ) 

Destroy the table. It should be empty or this will cause a memory leak.

Definition at line 934 of file ped_policy_table.c.

References if_table.

Referenced by init_table().

void init_table ( void   ) 

Initializes the table for first use.

Definition at line 917 of file ped_policy_table.c.

References destroy_table(), equalKeys(), hashFromKey(), and if_table.

Referenced by ped_init().

void policy_table_add_filter ( policy_filter_msg_t *  filter_data  ) 

Adds a filter with the given interface name and address family to the table. Only adds it if it does not yet exist in the table.

Parameters:
[in] filter_data Filter part of policy, containing interface name and address family

Definition at line 463 of file ped_policy_table.c.

References policy_filter_msg_s::af, apply_filters_to_interface(), apply_pfd_filter_to_interface(), policy_table_entry_s::broken, clean_table, policy_table_entry_s::filter, FILTER_ADDED, ped_policy_filter_s::filter_data, FILTER_FAILED, FILTER_PENDING, get_or_create_policy(), if_table, policy_table_entry_s::ifname, policy_filter_msg_s::ifname, MAX_IF_NAME_LEN, policy_table_entry_s::pfd_filter, and ped_policy_filter_s::status.

Referenced by psd_ipc_read().

void policy_table_add_route ( policy_route_msg_t *  route_data  ) 

Adds a route with the given interface name and address family to the table. Only adds it if it does not yet exist in the table.

Parameters:
[in] route_data Route data

Definition at line 520 of file ped_policy_table.c.

References add_route(), policy_route_msg_s::af, apply_pfd_filter_to_interface(), policy_table_entry_s::broken, changes_pending, clean_table, equalRoutes(), get_or_create_policy(), if_table, policy_table_entry_s::ifname, policy_route_msg_s::ifname, MAX_IF_NAME_LEN, ped_policy_route_s::next, policy_table_entry_s::pfd_filter, policy_table_entry_s::route, ped_policy_route_s::route_data, ROUTE_FAILED, ROUTE_PENDING, and ped_policy_route_s::status.

Referenced by psd_ipc_read().

void policy_table_clean ( void   ) 

Clean policy table, remove all UNVERIFIED filters and routes. Anything left in the UNVERIFIED state (status) will be deleted.

Definition at line 772 of file ped_policy_table.c.

References apply_pfd_filter_to_interface(), policy_table_entry_s::broken, changes_pending, clean_table, policy_table_entry_s::filter, FILTER_UNVERIFIED, get_ssd_idle(), get_ssd_ready(), if_table, policy_table_entry_s::ifname, ped_policy_route_s::next, policy_table_entry_s::pfd_filter, remove_filters_from_interface(), remove_pfd_filter_from_interface(), remove_route(), policy_table_entry_s::route, ROUTE_FAILED, ROUTE_PENDING, ROUTE_UNVERIFIED, ped_policy_filter_s::status, and ped_policy_route_s::status.

Referenced by psd_ipc_read().

void policy_table_clear_policy ( char *  ifname,
uint8_t  af 
)

Clear everything except for the pfd_filter (no PSD policy for interface). The policy will have no routes or filters afterward. If the policy does not exist it will be created.

Parameters:
[in] ifname The interface name of the policy
[in] af The address family for the interface name of the policy

Definition at line 597 of file ped_policy_table.c.

References policy_table_entry_s::broken, changes_pending, policy_table_entry_s::filter, get_or_create_policy(), if_table, MAX_IF_NAME_LEN, ped_policy_route_s::next, remove_filters_from_interface(), remove_route(), policy_table_entry_s::route, ROUTE_PENDING, and ped_policy_route_s::status.

Referenced by psd_ipc_read().

void policy_table_delete_policy ( char *  ifname,
uint8_t  af,
boolean  interface_exists 
)

Removes an interface with the given name from the table.

Parameters:
[in] ifname Interface name
[in] af Address family
[in] interface_exists TRUE if the interface still exists (we need to remove filters from it); FALSE if it was deleted so we don't need to worry about deleting filters

Definition at line 657 of file ped_policy_table.c.

References key_s::af, changes_pending, policy_table_entry_s::filter, if_table, policy_table_entry_s::ifname, key_s::ifname, MAX_IF_NAME_LEN, ped_policy_route_s::next, policy_table_entry_s::pfd_filter, remove_filters_from_interface(), remove_pfd_filter_from_interface(), remove_route(), policy_table_entry_s::route, ROUTE_FAILED, ROUTE_PENDING, and ped_policy_route_s::status.

Referenced by update_interface().

int policy_table_entry_count ( void   ) 

Get the number of entries in the table of managed interfaces.

Returns:
The number of entries in the table

Definition at line 949 of file ped_policy_table.c.

References if_table.

Referenced by handler_if_count(), and show_managed().

void policy_table_iterator_reset ( void   ) 

Reset the iterator. This should always be called before using policy_table_next() to start iterating over entries.

Definition at line 961 of file ped_policy_table.c.

References itr_broken.

Referenced by show_managed(), and table_get_first_data_point().

policy_table_entry_t* policy_table_next ( void   ) 

Use this function iterator-style to go through the entries in the table of managed interfaces. You should call policy_table_iterator_reset before iterating over entries with this function.

Returns:
Pointer to policy table entry if successful, otherwise NULL.

Definition at line 978 of file ped_policy_table.c.

References if_table, itr, and itr_broken.

Referenced by show_managed(), and table_get_next_data_point().

boolean policy_table_unverify_all ( void   ) 

Mark all policies in the table UNVERIFIED. Since we can't delete routes or filters, all that are left unverified (i.e. they don't get added again) when calling policy_table_clean() get removed.

Returns:
TRUE upon success; FALSE if aborted because there are still changes pending, in which case all route statuses stay the same

Definition at line 720 of file ped_policy_table.c.

References policy_table_entry_s::broken, changes_pending, clean_table, policy_table_entry_s::filter, FILTER_UNVERIFIED, if_table, ped_policy_route_s::next, policy_table_entry_s::route, ROUTE_PENDING, ROUTE_UNVERIFIED, ped_policy_route_s::status, and ped_policy_filter_s::status.

Referenced by psd_ipc_read().
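
The resynchronisation cycle documented for policy_table_unverify_all(), the add functions and policy_table_clean(), as an added example that is not code from this SDK: mark everything UNVERIFIED, let the sender re-add what is still in policy, then sweep whatever was not re-confirmed so no stale filter stays applied. All demo_* names, the fixed-size array, the 16-byte name bound and the per-entry pending check (standing in for changes_pending) are assumptions made for illustration.

```c
/* Added illustration of the unverify / re-add / clean cycle. demo_* names and
 * the fixed array are assumptions; this is not the PED hashtable code. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define DEMO_IFNAME_LEN 16  /* assumed bound; the value of MAX_IF_NAME_LEN is not on the page */
#define DEMO_MAX 8
typedef enum { F_UNVERIFIED, F_ADDED, F_FAILED, F_PENDING } demo_status_t;
typedef struct { char ifname[DEMO_IFNAME_LEN]; uint8_t af; demo_status_t st; int used; } demo_entry_t;
static demo_entry_t tbl[DEMO_MAX];

/* Add or re-confirm the filter for (ifname, af). Returns 0 on success, -1 if full. */
int demo_add_filter(const char *ifname, uint8_t af) {
    int free_slot = -1;
    for (int i = 0; i < DEMO_MAX; i++) {
        if (!tbl[i].used) { if (free_slot < 0) free_slot = i; continue; }
        if (tbl[i].af == af && strncmp(tbl[i].ifname, ifname, DEMO_IFNAME_LEN) == 0) {
            tbl[i].st = F_ADDED;  /* already present: only re-verify, never duplicate */
            return 0;
        }
    }
    if (free_slot < 0) return -1;
    snprintf(tbl[free_slot].ifname, DEMO_IFNAME_LEN, "%s", ifname); /* bounded, NUL-terminated */
    tbl[free_slot].af = af; tbl[free_slot].st = F_ADDED; tbl[free_slot].used = 1;
    return 0;
}

/* Mark phase: abort (return 0) while anything is pending, leaving every status untouched. */
int demo_unverify_all(void) {
    for (int i = 0; i < DEMO_MAX; i++)
        if (tbl[i].used && tbl[i].st == F_PENDING) return 0;
    for (int i = 0; i < DEMO_MAX; i++)
        if (tbl[i].used) tbl[i].st = F_UNVERIFIED;
    return 1;
}

/* Sweep phase: remove every entry not re-added since the mark. Returns the number removed. */
int demo_clean(void) {
    int removed = 0;
    for (int i = 0; i < DEMO_MAX; i++)
        if (tbl[i].used && tbl[i].st == F_UNVERIFIED) { tbl[i].used = 0; removed++; }
    return removed;
}

int main(void) {
    demo_add_filter("ge-0/0/0", 2); demo_add_filter("ge-0/0/1", 2); /* constructed names, af value 2 */
    demo_unverify_all();
    demo_add_filter("ge-0/0/0", 2);  /* only this policy is resent */
    printf("removed %d stale entries\n", demo_clean());
    return 0;
}
```

Skipping the pending check in the mark phase would let the sweep remove an entry whose add request is still in flight, which is why the documented function returns FALSE instead of proceeding.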


2007-2009 Juniper Networks, Inc. All rights reserved. The information contained herein is confidential information of Juniper Networks, Inc., and may not be used, disclosed, distributed, modified, or copied without the prior written consent of Juniper Networks, Inc. in an express license. This information is subject to change by Juniper Networks, Inc. Juniper Networks, the Juniper Networks logo, and JUNOS are registered trademarks of Juniper Networks, Inc. in the United States and other countries. All other trademarks, service marks, registered trademarks, or registered service marks are the property of their respective owners.
Generated on Sun May 30 20:27:06 2010 for SDK Your Net Corporation Policy Manager Example: Policy Enforcement Daemon 1.0 by Doxygen 1.5.1