      1 /*
      2  * Copyright (C) 2014 The Android Open Source Project
      3  *
      4  * Licensed under the Apache License, Version 2.0 (the "License");
      5  * you may not use this file except in compliance with the License.
      6  * You may obtain a copy of the License at
      7  *
      8  *      http://www.apache.org/licenses/LICENSE-2.0
      9  *
     10  * Unless required by applicable law or agreed to in writing, software
     11  * distributed under the License is distributed on an "AS IS" BASIS,
     12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
     13  * See the License for the specific language governing permissions and
     14  * limitations under the License.
     15  */
     16 
     17 #ifndef NETD_SERVER_ROUTE_CONTROLLER_H
     18 #define NETD_SERVER_ROUTE_CONTROLLER_H
     19 
     20 #include "NetdConstants.h"
     21 #include "Permission.h"
     22 
     23 #include <sys/types.h>
     24 
     25 class UidRanges;
     26 
// Static-only interface for routing configuration: attaching interfaces to networks, assigning
// UID ranges to virtual networks, adding/removing routes, and tethering.
//
// Every method returns int and is tagged WARN_UNUSED_RESULT.
// NOTE(review): the macro is defined outside this header; presumably it makes the compiler warn
// when a caller drops the result. The return-value convention (success vs. error code) is not
// visible here either -- confirm against the implementation before relying on it.
// NOTE(review): |interface|, |destination| and |nexthop| arrive as raw C strings and |netId| as a
// plain unsigned; no validation is visible in this header, so check where it is done.
class RouteController {
public:
    // Selects how a route modification request is mapped to a routing table number.
    enum TableType {
        // Table number is computed from the interface index.
        INTERFACE,
        // Fixed table holding routes to directly-connected clients/peers.
        LOCAL_NETWORK,
        // Fixed table used to override the default network.
        LEGACY_NETWORK,
        // Fixed table that only system apps may modify; it overrides VPNs as well.
        LEGACY_SYSTEM,
    };

    // Presumably the offset added to an interface index to obtain its table number (see
    // INTERFACE above); the computation itself lives in the implementation -- TODO confirm.
    static const int ROUTE_TABLE_OFFSET_FROM_INDEX = 1000;

    // Initialization entry point; takes the netId of the local network.
    // NOTE(review): what is set up is not shown in this header.
    static int Init(unsigned localNetId) WARN_UNUSED_RESULT;

    // Attach |interface| to / detach it from the local network identified by |netId|.
    static int addInterfaceToLocalNetwork(unsigned netId,
                                          const char* interface) WARN_UNUSED_RESULT;
    static int removeInterfaceFromLocalNetwork(unsigned netId,
                                               const char* interface) WARN_UNUSED_RESULT;

    // Attach |interface| to / detach it from a physical network. |permission| is the Permission
    // associated with the network; how it gates access is decided in the implementation.
    static int addInterfaceToPhysicalNetwork(unsigned netId,
                                             const char* interface,
                                             Permission permission) WARN_UNUSED_RESULT;
    static int removeInterfaceFromPhysicalNetwork(unsigned netId,
                                                  const char* interface,
                                                  Permission permission) WARN_UNUSED_RESULT;

    // Attach |interface| to / detach it from a virtual network for the UIDs in |uidRanges|.
    // NOTE(review): the exact effect of |secure| is not visible here; removal must be called
    // with the same |secure| and |uidRanges| that were used on add -- presumably, confirm.
    static int addInterfaceToVirtualNetwork(unsigned netId,
                                            const char* interface,
                                            bool secure,
                                            const UidRanges& uidRanges) WARN_UNUSED_RESULT;
    static int removeInterfaceFromVirtualNetwork(unsigned netId,
                                                 const char* interface,
                                                 bool secure,
                                                 const UidRanges& uidRanges) WARN_UNUSED_RESULT;

    // Switch a physical network's interface from |oldPermission| to |newPermission|.
    static int modifyPhysicalNetworkPermission(unsigned netId,
                                               const char* interface,
                                               Permission oldPermission,
                                               Permission newPermission) WARN_UNUSED_RESULT;

    // Add / remove the UIDs in |uidRanges| for a virtual network that is already set up on
    // |interface|.
    static int addUsersToVirtualNetwork(unsigned netId,
                                        const char* interface,
                                        bool secure,
                                        const UidRanges& uidRanges) WARN_UNUSED_RESULT;
    static int removeUsersFromVirtualNetwork(unsigned netId,
                                             const char* interface,
                                             bool secure,
                                             const UidRanges& uidRanges) WARN_UNUSED_RESULT;

    // Add / remove |uidRanges| for the "reject non-secure network" rule.
    // NOTE(review): going by the name, this blocks the listed UIDs from non-secure networks;
    // the rule itself is not shown in this header -- confirm.
    static int addUsersToRejectNonSecureNetworkRule(
            const UidRanges& uidRanges) WARN_UNUSED_RESULT;
    static int removeUsersFromRejectNonSecureNetworkRule(
            const UidRanges& uidRanges) WARN_UNUSED_RESULT;

    // Attach |interface| to / detach it from the default network with the given |permission|.
    static int addInterfaceToDefaultNetwork(const char* interface,
                                            Permission permission) WARN_UNUSED_RESULT;
    static int removeInterfaceFromDefaultNetwork(const char* interface,
                                                 Permission permission) WARN_UNUSED_RESULT;

    // Add / remove a route to |destination| via |interface| in the table chosen by |tableType|.
    // |nexthop| takes one of four forms:
    //   - NULL:          a directly-connected route;
    //   - "unreachable": a route that is blocked;
    //   - "throw":       the lack of a match;
    //   - otherwise:     a regular IP address.
    static int addRoute(const char* interface,
                        const char* destination,
                        const char* nexthop,
                        TableType tableType) WARN_UNUSED_RESULT;
    static int removeRoute(const char* interface,
                           const char* destination,
                           const char* nexthop,
                           TableType tableType) WARN_UNUSED_RESULT;

    // Turn tethering between |inputInterface| and |outputInterface| on / off.
    static int enableTethering(const char* inputInterface,
                               const char* outputInterface) WARN_UNUSED_RESULT;
    static int disableTethering(const char* inputInterface,
                                const char* outputInterface) WARN_UNUSED_RESULT;

    // Add / remove a fallthrough from the VPN |vpnNetId| to |physicalInterface|.
    // NOTE(review): a fallthrough lets traffic leave the VPN's routing for a physical
    // interface -- presumably when the VPN has no matching route; confirm the conditions and
    // how |permission| constrains it in the implementation.
    static int addVirtualNetworkFallthrough(unsigned vpnNetId,
                                            const char* physicalInterface,
                                            Permission permission) WARN_UNUSED_RESULT;
    static int removeVirtualNetworkFallthrough(unsigned vpnNetId,
                                               const char* physicalInterface,
                                               Permission permission) WARN_UNUSED_RESULT;
};
     91 
     92 #endif  // NETD_SERVER_ROUTE_CONTROLLER_H
     93