Adding upstream version 4.3.upstream/4.3upstream

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

1 files changed, 80 insertions, 0 deletions

diff --git a/addrfilt.h b/addrfilt.h
new file mode 100644
index 0000000..b8c131f
--- /dev/null
+++ b/addrfilt.h
@@ -0,0 +1,80 @@
+/*
+  chronyd/chronyc - Programs for keeping computer clocks accurate.
+
+ **********************************************************************
+ * Copyright (C) Richard P. Curnow  1997-2002
+ * 
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of version 2 of the GNU General Public License as
+ * published by the Free Software Foundation.
+ * 
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ * 
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ * 
+ **********************************************************************
+
+  =======================================================================
+
+  Module for providing an authorisation filter on IP addresses
+  */
+
+#ifndef GOT_ADDRFILT_H
+#define GOT_ADDRFILT_H
+
+#include "addressing.h"
+
+typedef struct ADF_AuthTableInst *ADF_AuthTable;
+
+typedef enum {
+  ADF_SUCCESS,
+  ADF_BADSUBNET
+} ADF_Status;
+  
+
+/* Create a new table.  The default rule is deny for everything */
+extern ADF_AuthTable ADF_CreateTable(void);
+
+/* Allow anything in the supplied subnet, EXCEPT for any more specific
+   subnets that are already defined */
+extern ADF_Status ADF_Allow(ADF_AuthTable table,
+                            IPAddr *ip,
+                            int subnet_bits);
+
+/* Allow anything in the supplied subnet, overwriting existing
+   definitions for any more specific subnets */
+extern ADF_Status ADF_AllowAll(ADF_AuthTable table,
+                               IPAddr *ip,
+                               int subnet_bits);
+
+/* Deny anything in the supplied subnet, EXCEPT for any more specific
+   subnets that are already defined */
+extern ADF_Status ADF_Deny(ADF_AuthTable table,
+                           IPAddr *ip,
+                           int subnet_bits);
+
+/* Deny anything in the supplied subnet, overwriting existing
+   definitions for any more specific subnets */
+extern ADF_Status ADF_DenyAll(ADF_AuthTable table,
+                              IPAddr *ip,
+                              int subnet_bits);
+
+/* Clear up the table */
+extern void ADF_DestroyTable(ADF_AuthTable table);
+
+/* Check whether a given IP address is allowed by the rules in 
+   the table */
+extern int ADF_IsAllowed(ADF_AuthTable table,
+                         IPAddr *ip);
+
+/* Check if at least one address from a given family is allowed by
+   the rules in the table */
+extern int ADF_IsAnyAllowed(ADF_AuthTable table,
+                            int family);
+
+#endif /* GOT_ADDRFILT_H */