/*
 * Copyright (C) 2008 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#ifndef _SECONDARY_TABLE_CONTROLLER_H
#define _SECONDARY_TABLE_CONTROLLER_H

#include <sysutils/FrameworkListener.h>

#include <net/if.h>
#include "UidMarkMap.h"
#include "NetdConstants.h"

#ifndef IFNAMSIZ
#define IFNAMSIZ 16
#endif

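// Number of interface slots the controller keeps; it sizes both per-interface
// arrays declared in SecondaryTableController below.
static const int INTERFACES_TRACKED = 10;

// Base of the table-number range. NOTE(review): presumably slot i maps to
// table BASE_TABLE_NUMBER + i -- confirm against the .cpp.
static const int BASE_TABLE_NUMBER = 60;

// Upper bound of the table-number range, derived from the two values above.
// Declared const: a namespace-scope `static` in a header gives every
// translation unit its own copy, so a writable bound could silently diverge
// between files and weaken any range check built on it.
static const int MAX_TABLE_NUMBER = BASE_TABLE_NUMBER + INTERFACES_TRACKED;

// Priority values kept as strings. NOTE(review): presumably because they are
// passed as argv entries to an external command -- confirm in the .cpp.
// The pointers themselves are const so they cannot be re-pointed at runtime.
static const char *const EXEMPT_PRIO = "99";
static const char *const RULE_PRIO = "100";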
// Controller interface for route, rule and fwmark operations keyed by
// interface name. It holds a fixed set of INTERFACES_TRACKED interface-name
// slots plus a parallel per-slot rule counter, and a UidMarkMap pointer
// supplied at construction.
//
// NOTE(review): nothing in this header shows where the string arguments
// (iface, dest, gateway, addr, host) are validated. They are plain C strings
// with no length parameter, so the implementation should bound every copy
// into mInterfaceTable to IFNAMSIZ and check content before a value becomes
// part of a command line -- confirm in the .cpp.
class SecondaryTableController {
public:
    // Stores nothing visible here beyond the map pointer member; ownership of
    // `map` is not stated by this header -- TODO confirm who frees it.
    SecondaryTableController(UidMarkMap *map);
    virtual ~SecondaryTableController();

    // Names of three chains/hooks; defined out of line.
    // NOTE(review): presumably the iptables chains installed by
    // setupIptablesHooks() -- confirm.
    static const char *LOCAL_MANGLE_OUTPUT;
    static const char *LOCAL_MANGLE_POSTROUTING;
    static const char *LOCAL_NAT_POSTROUTING;

    int setupIptablesHooks();

    // Route add/remove for an interface. `cli` is the requesting client;
    // prefixLen's valid range is not visible here -- verify it is checked.
    int addRoute(SocketClient *cli, char *iface, char *dest, int prefixLen,
                 char *gateway);
    int removeRoute(SocketClient *cli, char *iface, char *dest, int prefixLen,
                    char *gateway);

    // Looks up a table index/number for `iface`; the failure value is not
    // visible from the declaration -- callers must check the result.
    int findTableNumber(const char *iface);

    // `action` selects the operation; accepted values are defined in the .cpp.
    // tableIndex comes from the caller: see verifyTableIndex() below.
    int modifyFromRule(int tableIndex, const char *action, const char *addr);
    int modifyLocalRoute(int tableIndex, const char *action, const char *iface,
                         const char *addr);

    // UID-range rules. The bounds are signed ints; NOTE(review): confirm the
    // implementation rejects negative values and uid_start > uid_end.
    int addUidRule(const char *iface, int uid_start, int uid_end);
    int removeUidRule(const char *iface, int uid_start, int uid_end);

    // Fwmark rules and routes, per interface.
    int addFwmarkRule(const char *iface);
    int removeFwmarkRule(const char *iface);
    int addFwmarkRoute(const char *iface, const char *dest, int prefix);
    int removeFwmarkRoute(const char *iface, const char *dest, int prefix);

    // Host exemptions. NOTE(review): presumably tied to EXEMPT_PRIO -- confirm.
    int addHostExemption(const char *host);
    int removeHostExemption(const char *host);

    // Mark queries; both return void, so any result is presumably delivered
    // through `cli` -- confirm.
    void getUidMark(SocketClient *cli, int uid);
    void getProtectMark(SocketClient *cli);

private:
    UidMarkMap *mUidMarkMap;

    // One name buffer per tracked interface: IFNAMSIZ bytes plus one extra
    // byte (room for a terminator when a name uses the full IFNAMSIZ).
    char mInterfaceTable[INTERFACES_TRACKED][IFNAMSIZ + 1];
    // Parallel array: one counter per slot of mInterfaceTable.
    int mInterfaceRuleCount[INTERFACES_TRACKED];

    // Shared implementations behind the public add*/remove* pairs; `add`
    // picks the direction.
    int setUidRule(const char *iface, int uid_start, int uid_end, bool add);
    int setFwmarkRule(const char *iface, bool add);
    int setFwmarkRoute(const char *iface, const char *dest, int prefix,
                       bool add);
    int setHostExemption(const char *host, bool add);
    int modifyRoute(SocketClient *cli, const char *action, char *iface,
                    char *dest, int prefix, char *gateway, int tableIndex);

    void modifyRuleCount(int tableIndex, const char *action);
    // NOTE(review): presumably the bounds check for indexes into the two
    // arrays above; every path that indexes them should pass through it.
    int verifyTableIndex(int tableIndex);
    // Both helpers classify an address string; the returned values are
    // defined in the .cpp / NetdConstants.h.
    const char *getVersion(const char *addr);
    IptablesTarget getIptablesTarget(const char *addr);

    // Runs a command given as an argument vector (argc/argv), not as a single
    // shell string.
    int runCmd(int argc, const char **argv);
};

#endif
86