#ifndef _NET_IF_PFLOW_H_
#define _NET_IF_PFLOW_H_
#include <sys/cdefs.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#ifdef _KERNEL
#include <sys/param.h>
#include <sys/lock.h>
#include <sys/rmlock.h>
#include <sys/interrupt.h>
#include <net/if.h>
#include <net/if_var.h>
#include <net/if_private.h>
#include <net/pfvar.h>
#include <netinet/ip.h>
#endif
#define PFLOW_MAX_ENTRIES 128
#define PFLOW_ID_LEN sizeof(u_int64_t)
#define PFLOW_MAXFLOWS 30
#define PFLOW_ENGINE_TYPE 42
#define PFLOW_ENGINE_ID 42
#define PFLOW_MAXBYTES 0xffffffff
#define PFLOW_TIMEOUT 30
#define PFLOW_TMPL_TIMEOUT 30
#define PFLOW_IPFIX_TMPL_SET_ID 2
#define PFIX_IE_octetDeltaCount 1
#define PFIX_IE_packetDeltaCount 2
#define PFIX_IE_protocolIdentifier 4
#define PFIX_IE_ipClassOfService 5
#define PFIX_IE_sourceTransportPort 7
#define PFIX_IE_sourceIPv4Address 8
#define PFIX_IE_ingressInterface 10
#define PFIX_IE_destinationTransportPort 11
#define PFIX_IE_destinationIPv4Address 12
#define PFIX_IE_egressInterface 14
#define PFIX_IE_flowEndSysUpTime 21
#define PFIX_IE_flowStartSysUpTime 22
#define PFIX_IE_sourceIPv6Address 27
#define PFIX_IE_destinationIPv6Address 28
#define PFIX_IE_flowStartMilliseconds 152
#define PFIX_IE_flowEndMilliseconds 153
#define PFIX_IE_postNATSourceIPv4Address 225
#define PFIX_IE_postNATDestinationIPv4Address 226
#define PFIX_IE_postNAPTSourceTransportPort 227
#define PFIX_IE_postNAPTDestinationTransportPort 228
#define PFIX_IE_natEvent 230
#define PFIX_NAT_EVENT_SESSION_CREATE 4
#define PFIX_NAT_EVENT_SESSION_DELETE 5
#define PFIX_IE_timeStamp 323
struct pflow_flow {
u_int32_t src_ip;
u_int32_t dest_ip;
u_int32_t nexthop_ip;
u_int16_t if_index_in;
u_int16_t if_index_out;
u_int32_t flow_packets;
u_int32_t flow_octets;
u_int32_t flow_start;
u_int32_t flow_finish;
u_int16_t src_port;
u_int16_t dest_port;
u_int8_t pad1;
u_int8_t tcp_flags;
u_int8_t protocol;
u_int8_t tos;
u_int16_t src_as;
u_int16_t dest_as;
u_int8_t src_mask;
u_int8_t dest_mask;
u_int16_t pad2;
} __packed;
struct pflow_set_header {
u_int16_t set_id;
u_int16_t set_length;
} __packed;
#define PFLOW_SET_HDRLEN sizeof(struct pflow_set_header)
struct pflow_tmpl_hdr {
u_int16_t tmpl_id;
u_int16_t field_count;
} __packed;
struct pflow_tmpl_fspec {
u_int16_t field_id;
u_int16_t len;
} __packed;
struct pflow_ipfix_tmpl_ipv4 {
struct pflow_tmpl_hdr h;
struct pflow_tmpl_fspec src_ip;
struct pflow_tmpl_fspec dest_ip;
struct pflow_tmpl_fspec if_index_in;
struct pflow_tmpl_fspec if_index_out;
struct pflow_tmpl_fspec packets;
struct pflow_tmpl_fspec octets;
struct pflow_tmpl_fspec start;
struct pflow_tmpl_fspec finish;
struct pflow_tmpl_fspec src_port;
struct pflow_tmpl_fspec dest_port;
struct pflow_tmpl_fspec tos;
struct pflow_tmpl_fspec protocol;
#define PFLOW_IPFIX_TMPL_IPV4_FIELD_COUNT 12
#define PFLOW_IPFIX_TMPL_IPV4_ID 256
} __packed;
struct pflow_ipfix_tmpl_ipv6 {
struct pflow_tmpl_hdr h;
struct pflow_tmpl_fspec src_ip;
struct pflow_tmpl_fspec dest_ip;
struct pflow_tmpl_fspec if_index_in;
struct pflow_tmpl_fspec if_index_out;
struct pflow_tmpl_fspec packets;
struct pflow_tmpl_fspec octets;
struct pflow_tmpl_fspec start;
struct pflow_tmpl_fspec finish;
struct pflow_tmpl_fspec src_port;
struct pflow_tmpl_fspec dest_port;
struct pflow_tmpl_fspec tos;
struct pflow_tmpl_fspec protocol;
#define PFLOW_IPFIX_TMPL_IPV6_FIELD_COUNT 12
#define PFLOW_IPFIX_TMPL_IPV6_ID 257
} __packed;
struct pflow_ipfix_tmpl_nat44 {
struct pflow_tmpl_hdr h;
struct pflow_tmpl_fspec timestamp;
struct pflow_tmpl_fspec nat_event;
struct pflow_tmpl_fspec protocol;
struct pflow_tmpl_fspec src_ip;
struct pflow_tmpl_fspec src_port;
struct pflow_tmpl_fspec postnat_src_ip;
struct pflow_tmpl_fspec postnat_src_port;
struct pflow_tmpl_fspec dst_ip;
struct pflow_tmpl_fspec dst_port;
struct pflow_tmpl_fspec postnat_dst_ip;
struct pflow_tmpl_fspec postnat_dst_port;
#define PFLOW_IPFIX_TMPL_NAT44_FIELD_COUNT 11
#define PFLOW_IPFIX_TMPL_NAT44_ID 258
};
struct pflow_ipfix_tmpl {
struct pflow_set_header set_header;
struct pflow_ipfix_tmpl_ipv4 ipv4_tmpl;
struct pflow_ipfix_tmpl_ipv6 ipv6_tmpl;
struct pflow_ipfix_tmpl_nat44 nat44_tmpl;
} __packed;
struct pflow_ipfix_flow4 {
u_int32_t src_ip;
u_int32_t dest_ip;
u_int32_t if_index_in;
u_int32_t if_index_out;
u_int64_t flow_packets;
u_int64_t flow_octets;
int64_t flow_start;
int64_t flow_finish;
u_int16_t src_port;
u_int16_t dest_port;
u_int8_t tos;
u_int8_t protocol;
} __packed;
struct pflow_ipfix_flow6 {
struct in6_addr src_ip;
struct in6_addr dest_ip;
u_int32_t if_index_in;
u_int32_t if_index_out;
u_int64_t flow_packets;
u_int64_t flow_octets;
int64_t flow_start;
int64_t flow_finish;
u_int16_t src_port;
u_int16_t dest_port;
u_int8_t tos;
u_int8_t protocol;
} __packed;
struct pflow_ipfix_nat4 {
u_int64_t timestamp;
u_int8_t nat_event;
u_int8_t protocol;
u_int32_t src_ip;
u_int16_t src_port;
u_int32_t postnat_src_ip;
u_int16_t postnat_src_port;
u_int32_t dest_ip;
u_int16_t dest_port;
u_int32_t postnat_dest_ip;
u_int16_t postnat_dest_port;
} __packed;
#ifdef _KERNEL
struct pflow_softc {
int sc_id;
struct mtx sc_lock;
int sc_dying;
struct vnet *sc_vnet;
unsigned int sc_count;
unsigned int sc_count4;
unsigned int sc_count6;
unsigned int sc_count_nat4;
unsigned int sc_maxcount;
unsigned int sc_maxcount4;
unsigned int sc_maxcount6;
unsigned int sc_maxcount_nat4;
u_int32_t sc_gcounter;
u_int32_t sc_sequence;
struct callout sc_tmo;
struct callout sc_tmo6;
struct callout sc_tmo_nat4;
struct callout sc_tmo_tmpl;
struct intr_event *sc_swi_ie;
void *sc_swi_cookie;
struct mbufq sc_outputqueue;
struct task sc_outputtask;
struct socket *so;
struct sockaddr *sc_flowsrc;
struct sockaddr *sc_flowdst;
struct pflow_ipfix_tmpl sc_tmpl_ipfix;
u_int8_t sc_version;
u_int32_t sc_observation_dom;
struct mbuf *sc_mbuf;
struct mbuf *sc_mbuf6;
struct mbuf *sc_mbuf_nat4;
CK_LIST_ENTRY(pflow_softc) sc_next;
struct epoch_context sc_epoch_ctx;
};
#endif
struct pflow_header {
u_int16_t version;
u_int16_t count;
u_int32_t uptime_ms;
u_int32_t time_sec;
u_int32_t time_nanosec;
u_int32_t flow_sequence;
u_int8_t engine_type;
u_int8_t engine_id;
u_int8_t reserved1;
u_int8_t reserved2;
} __packed;
#define PFLOW_HDRLEN sizeof(struct pflow_header)
struct pflow_v10_header {
u_int16_t version;
u_int16_t length;
u_int32_t time_sec;
u_int32_t flow_sequence;
u_int32_t observation_dom;
} __packed;
#define PFLOW_IPFIX_HDRLEN sizeof(struct pflow_v10_header)
struct pflowstats {
u_int64_t pflow_flows;
u_int64_t pflow_packets;
u_int64_t pflow_onomem;
u_int64_t pflow_oerrors;
};
#define PFLOW_PROTO_5 5
#define PFLOW_PROTO_10 10
#define PFLOW_PROTO_MAX 11
#define PFLOW_PROTO_DEFAULT PFLOW_PROTO_5
struct pflow_protos {
const char *ppr_name;
u_int8_t ppr_proto;
};
#define PFLOW_PROTOS { \
{ "5", PFLOW_PROTO_5 }, \
{ "10", PFLOW_PROTO_10 }, \
}
#define PFLOWNL_FAMILY_NAME "pflow"
enum {
PFLOWNL_CMD_UNSPEC = 0,
PFLOWNL_CMD_LIST = 1,
PFLOWNL_CMD_CREATE = 2,
PFLOWNL_CMD_DEL = 3,
PFLOWNL_CMD_SET = 4,
PFLOWNL_CMD_GET = 5,
__PFLOWNL_CMD_MAX,
};
#define PFLOWNL_CMD_MAX (__PFLOWNL_CMD_MAX - 1)
enum pflow_list_type_t {
PFLOWNL_L_UNSPEC,
PFLOWNL_L_ID = 1,
};
enum pflow_create_type_t {
PFLOWNL_CREATE_UNSPEC,
PFLOWNL_CREATE_ID = 1,
};
enum pflow_del_type_t {
PFLOWNL_DEL_UNSPEC,
PFLOWNL_DEL_ID = 1,
};
enum pflow_addr_type_t {
PFLOWNL_ADDR_UNSPEC,
PFLOWNL_ADDR_FAMILY = 1,
PFLOWNL_ADDR_PORT = 2,
PFLOWNL_ADDR_IP = 3,
PFLOWNL_ADDR_IP6 = 4,
};
enum pflow_get_type_t {
PFLOWNL_GET_UNSPEC,
PFLOWNL_GET_ID = 1,
PFLOWNL_GET_VERSION = 2,
PFLOWNL_GET_SRC = 3,
PFLOWNL_GET_DST = 4,
PFLOWNL_GET_OBSERVATION_DOMAIN = 5,
PFLOWNL_GET_SOCKET_STATUS = 6,
};
enum pflow_set_type_t {
PFLOWNL_SET_UNSPEC,
PFLOWNL_SET_ID = 1,
PFLOWNL_SET_VERSION = 2,
PFLOWNL_SET_SRC = 3,
PFLOWNL_SET_DST = 4,
PFLOWNL_SET_OBSERVATION_DOMAIN = 5,
};
#ifdef _KERNEL
int pflow_sysctl(int *, u_int, void *, size_t *, void *, size_t);
#endif
#endif
