diff options
| author | Adam Ierymenko <adam.ierymenko@gmail.com> | 2016-08-04 13:01:14 -0700 |
|---|---|---|
| committer | Adam Ierymenko <adam.ierymenko@gmail.com> | 2016-08-04 13:01:14 -0700 |
| commit | 37d139177dfdc6a0cf44f964a315184fca3fc3bd (patch) | |
| tree | 7d01804cd6cb2e4c095cc1237cc4e9e4114fb9ee /node/Network.hpp | |
| parent | 8a7753cfe3824ad378e779140fdd99f5c2873642 (diff) | |
| download | infinitytier-37d139177dfdc6a0cf44f964a315184fca3fc3bd.tar.gz infinitytier-37d139177dfdc6a0cf44f964a315184fca3fc3bd.zip | |
Integrate Filter into OutboundMulticast properly.
Diffstat (limited to 'node/Network.hpp')
| -rw-r--r-- | node/Network.hpp | 56 |
1 files changed, 56 insertions, 0 deletions
diff --git a/node/Network.hpp b/node/Network.hpp index 17eed4bd..10714a7a 100644 --- a/node/Network.hpp +++ b/node/Network.hpp @@ -78,6 +78,62 @@ public: ~Network(); /** + * Apply filters to an outgoing packet + * + * This applies filters from our network config and, if that doesn't match, + * our capabilities in ascending order of capability ID. If there is a match + * certain actions may be taken such as pushing credentials to ztDest and + * sending a copy of the packet to a TEE or REDIRECT target. + * + * @param ztSource Source ZeroTier address + * @param ztDest Destination ZeroTier address + * @param macSource Ethernet layer source address + * @param macDest Ethernet layer destination address + * @param frameData Ethernet frame data + * @param frameLen Ethernet frame payload length + * @param etherType 16-bit ethernet type ID + * @param vlanId 16-bit VLAN ID + * @return True if packet should be sent to destination peer + */ + bool filterOutgoingPacket( + const Address &ztSource, + const Address &ztDest, + const MAC &macSource, + const MAC &macDest, + const uint8_t *frameData, + const unsigned int frameLen, + const unsigned int etherType, + const unsigned int vlanId); + + /** + * Apply filters to an incoming packet + * + * This applies filters from our network config and, if that doesn't match, + * the peer's capabilities in ascending order of capability ID. If there is + * a match certain actions may be taken such as sending a copy of the packet + * to a TEE or REDIRECT target. + * + * @param ztSource Source Peer (to save an extra lookup) + * @param ztDest Destination ZeroTier address + * @param macSource Ethernet layer source address + * @param macDest Ethernet layer destination address + * @param frameData Ethernet frame data + * @param frameLen Ethernet frame payload length + * @param etherType 16-bit ethernet type ID + * @param vlanId 16-bit VLAN ID + * @return True if packet should be accepted locally + */ + bool filterIncomingPacket( + const SharedPtr<Peer> &ztSource, + const Address &ztDest, + const MAC &macSource, + const MAC &macDest, + const uint8_t *frameData, + const unsigned int frameLen, + const unsigned int etherType, + const unsigned int vlanId); + + /** * @return Network ID */ inline uint64_t id() const throw() { return _id; } |