1 /* 2 * Copyright (c) 2024 Huawei Device Co., Ltd. 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16 #ifndef NET_FIREWALL_MAP_DEF_H 17 #define NET_FIREWALL_MAP_DEF_H 18 19 #ifndef SEC 20 #define SEC(NAME) __attribute__((section(NAME), used)) 21 #endif // SEC 22 23 #define MAP_MAX_ENTRIES 5000 24 #define MAP_MAX_PORT_ENTRIES 65535 25 26 #define INGRESS_SADDR_MAP in_saddr_map 27 #define INGRESS_SADDR6_MAP in_saddr6_map 28 #define INGRESS_DADDR_MAP in_daddr_map 29 #define INGRESS_DADDR6_MAP in_daddr6_map 30 #define INGRESS_SPORT_MAP in_sport_map 31 #define INGRESS_DPORT_MAP in_dport_map 32 #define INGRESS_PROTO_MAP in_proto_map 33 #define INGRESS_APPUID_MAP in_appuid_map 34 #define INGRESS_UID_MAP in_uid_map 35 #define INGRESS_ACTION_MAP in_action_map 36 37 #define EGRESS_SADDR_MAP out_saddr_map 38 #define EGRESS_SADDR6_MAP out_saddr6_map 39 #define EGRESS_DADDR_MAP out_daddr_map 40 #define EGRESS_DADDR6_MAP out_daddr6_map 41 #define EGRESS_SPORT_MAP out_sport_map 42 #define EGRESS_DPORT_MAP out_dport_map 43 #define EGRESS_PROTO_MAP out_proto_map 44 #define EGRESS_APPUID_MAP out_appuid_map 45 #define EGRESS_UID_MAP out_uid_map 46 #define EGRESS_ACTION_MAP out_action_map 47 48 #define EVENT_MAP event_map 49 #define DEFAULT_ACTION_MAP def_act_map 50 #define CT_MAP ct_map 51 #define CURRENT_UID_MAP current_uid_map 52 #define DOMAIN_IPV4_MAP domain_ipv4_map 53 #define DOMAIN_IPV6_MAP domain_ipv6_map 54 #define DOMAIN_PASS_MAP domain_pass_map 55 #define DOMAIN_DENY_MAP domain_deny_map 56 #define LOOP_BACK_IPV4_MAP loop_ipv4_map 57 #define LOOP_BACK_IPV6_MAP loop_ipv6_map 58 59 #define MAPS_DIR() "/sys/fs/bpf/netsys/maps/" 60 #define STR(x) #x 61 #define MAP_NAME(x) STR(x) 62 #define MAP_PATH(name) MAPS_DIR() MAP_NAME(name) 63 #define GET_MAP_PATH(ingress, name) ((ingress) ? MAPS_DIR() "in_" #name "_map" : MAPS_DIR() "out_" #name "_map") 64 #define GET_MAP(ingress, name) ((ingress) ? &in_##name##_map : &out_##name##_map) 65 66 #endif // NET_FIREWALL_MAP_DEF_H