junos_dfw_client_functions_t and junos_dfw_conn_addr_t conn_addr structures that describe the functions to be executed and where to connect.You can supply functions to be invoked on session connect, session connection state change, acceptance and rejection of the configuration. You set fields in the connection address structure using various constants provided in the header file.
The code then allocates memory for a session by calling the function junos_dfw_session_handle_alloc(), and opens the session by calling junos_dfw_session_open(), passing in the information supplied earlier.
status_t
init_dfw(evContext ctx)
{
int rc;
junos_dfw_client_functions_t funcs;
junos_dfw_conn_addr_t conn_addr;
junos_dfw_sdk_app_id_t client_id;
ready = FALSE;
dfw_handle = NULL;
funcs.session_connect_cb = session_connect;
funcs.session_state_change_cb = session_state_changed;
funcs.trans_rejected_cb = transaction_rejected;
funcs.trans_accepted_cb = transaction_accepted;
rc = junos_dfw_session_handle_alloc(&dfw_handle, &funcs);
if(rc != 0) {
LOG(LOG_ERR, "%s: Cannot allocate handle for a dynamic "
"firewall session (%m)", __func__);
dfw_handle = NULL;
return EFAIL;
}
conn_addr.addr_family = JUNOS_DFW_CONN_AF_INET;
conn_addr.addr.dfwd_inet.dfwd_server_port = JUNOS_DFW_DEFAULT_PORT;
conn_addr.addr.dfwd_inet.dfwd_host_name =
malloc(strlen(JUNOS_DFW_DEFAULT_LOCAL_ADDR) + 1);
INSIST_ERR(conn_addr.addr.dfwd_inet.dfwd_host_name != NULL);
strlcpy(conn_addr.addr.dfwd_inet.dfwd_host_name,
JUNOS_DFW_DEFAULT_LOCAL_ADDR,
strlen(JUNOS_DFW_DEFAULT_LOCAL_ADDR) + 1);
client_id = DPM_CTRL_CLIENT_ID;
rc = junos_dfw_session_open(dfw_handle, &conn_addr, client_id, ctx);
if(rc != 0) {
if(errno == EISCONN) {
LOG(LOG_INFO, "%s: Connection to DWFD established", __func__);
ready = TRUE;
} else {
LOG(LOG_ERR, "%s: Cannot setup dynamic firewall connection (%m)",
__func__);
junos_dfw_session_handle_free(dfw_handle);
dfw_handle = NULL;
return EFAIL;
}
}
return SUCCESS;
}