Azinix

evl.h File Reference

Rule evaluation data structures. More...

#include "tcl.h"
#include "nm.h"
#include "pkt.h"
#include "rlp.h"
#include "q.h"
#include "bdd.h"

Go to the source code of this file.

Data Structures

struct  Evl_L4LookupTable_t
 A lookup table for finding potentially applicable rules for a packet based on L4 header information. More...
struct  Evl_BddLevelPair_t
 A bdd_t and the level we are thinking of it as being at. More...
struct  Evl_ContentMgr_t
 A stucture for evaluating L7 rules. More...
struct  Evl_Fsm_t
 Fsm structure. More...
struct  Evl_Manager_t
 A representation of rules and corresponding lookup table. More...
struct  Evl_Action_t
 Struct encoding the action to be taken. More...
struct  Evl_GenericManager_t
 Generic checks. More...
struct  Evl_L4Manager_t
 Everything needed to check TCP packets. More...
struct  Evl_L4Flow_t
 Encapsulate L4 flow information specifically destPort, srcPort, destIP, srcIP. More...
struct  Evl_BridgeStats_t
 Structure encapsulating various stats, used for testing purposes. More...
struct  Evl_Bridge_t
 Basic structure used for pulling packets in and out. More...

Defines

#define my_isupper(c)   ( ( c < 91 ) && ( c > 64 ) )
#define my_uppertolower(c)   ( ( c + 32 ) )
#define EVL_MEMCMP(s1, s2, numBytes, match)
 Macro for memcmp without a function call.

Typedefs

typedef Evl_L4LookupTable_t Evl_L4LookupTable_t
typedef Evl_BddLevelPair_t Evl_BddLevelPair_t
typedef Evl_ContentMgr_t Evl_ContentMgr_t
typedef Evl_Fsm_t Evl_Fsm_t
typedef Evl_L4Manager_t Evl_L4Manager_t
 Need the typedefs below because C will not allow Evl_Manager_t to refer to Evl_TcpMaanger_t before it's declared, even as a pointer, and vice versa.
typedef Evl_GenericManager_t Evl_GenericManager_t
typedef Evl_Bridge_t Evl_Bridge_t
typedef Evl_Manager_t Evl_Manager_t
typedef Evl_Action_t Evl_Action_t
typedef Evl_L4Flow_t Evl_L4Flow_t
typedef Evl_BridgeStats_t Evl_BridgeStats_t

Functions

Heap_tEvl_AllocateQueueHeap (st_table *queueTable)
 Create a heap of Q_Q_t's , whose priorities are given by the currentPriority field.
int Evl_CompressDecompress (Pkt_EthernetHdr_t *pkt, int length, Rlp_ActionEnum_t type)
int Evl_Decompress (Pkt_EthernetHdr_t *pkt, int length)
int Evl_Compress (Pkt_EthernetHdr_t *pkt, int length)
void Evl_Crypto (Evl_Action_t *action, Pkt_ProcessPkt_t *pp, Rlp_ActionEnum_t type)
void Evl_EncryptPkt (Evl_Action_t *action, Pkt_ProcessPkt_t *pp)
void Evl_DecryptPkt (Evl_Action_t *action, Pkt_ProcessPkt_t *pp)
void Evl_RoutePkt (Evl_Action_t *action, Evl_Bridge_t *bridge, Pkt_ProcessPkt_t *pp)
 Set the route for the packet.
void Evl_UscriptAction (Rlp_Action_t *action, Evl_Manager_t *mgr, Pkt_ProcessPkt_t *pp)
 Perform action desired by user, specified as a tcl proc.
int Evl_UcodeAction (Rlp_Action_t *action, Evl_Manager_t *mgr, Pkt_ProcessPkt_t *pp)
 Perform action desired by user, implemented by C code that's been dynamically linked in previously.
int Evl_ComputeL7RuleSet (Evl_L4LookupTable_t *aRuleTable, Evl_L4Flow_t *aFlow)
 Core evaluation function - takes a flow, returns set of applicable L7 rules.
util_int_array_tEvl_ComputeL7RuleArray (Evl_L4LookupTable_t *aRuleTable, Evl_L4Flow_t *aFlow)
 Core evaluation function - takes a flow, returns array of applicable L7 rules.
void Evl_ComputeRuleSetForEth (Pkt_ProcessPkt_t *pp, Evl_Manager_t *globalMgr)
 Given an ethernet packet and Evl_Manager_t encoding a set of rules, determine all rules applicable to the packet.
void Evl_L4ComputeRuleSetForEth (Pkt_ProcessPkt_t *pp, Evl_L4Manager_t *l4mgr, array_t *result)
 Compute rules for an ip packet based on the L4 structure.
int Evl_EthEvalL7RuleContentCheck (Pkt_EthernetHdr_t *anEth, array_t *aL7CheckArray)
 Check content of an Eth packet. aL7CheckArray is an array of Rlp_L7Check_t *.
void Evl_EvalRuleArray (Evl_L4Manager_t *mgr, Pkt_ProcessPkt_t *pp, array_t *ruleArray, util_int_array_t *ruleIntArray, array_t *result)
 Given an array_t or util_int_array_t of rules, return the subset that is applicable of the given packet.
bool Evl_EthEvalL7Rule (Pkt_ProcessPkt_t *pp, Rlp_Formula_t *aL7Formula, array_t *aL7CheckArray)
 Given an ethernet packet and a layer 7 rule, determine if the rule holds of the packet.
void Evl_PktDecompress (Evl_L4Manager_t *l4mgr, Pkt_ProcessPkt_t *pp)
void Evl_PktDecrypt (Evl_L4Manager_t *l4mgr, Pkt_ProcessPkt_t *pp)
Evl_Fsm_tEvl_BuildPrefixAutomaton (array_t *byteArrayArray)
 Build a prefix automaton for a set of byte arrays.
int Evl_FsmPrint (Evl_Fsm_t *anFsm)
 Print an FSM, meant for debugging purposes.
int Evl_FsmProcessAcceptingState (Evl_Fsm_t *fsm, u_int32_t ps, st_table *stringToId, array_t *idToRules, var_set_t *set1, var_set_t *set2, var_set_t *set3, array_t *resultPtr)
 Function to be called on hitting an accepting state.
void Evl_FsmComputeRules (Evl_Fsm_t *fsm, st_table *stringToId, array_t *idToRules, var_set_t *set1, var_set_t *set2, var_set_t *set3, char *payload, int length, array_t *result)
 Simulate an FSM on a given string. Return a hash table of strings that occurred, and where they most recently occured.
int Evl_Route (Evl_Manager_t *aMgr, array_t *pktArray, int iBufSize, int ppCacheSize, int oBufSize, int actionBufSize, int maxNumPktsToRead, int numIterations, bool useSynthetic, array_t *inArray, array_t *outArray, double basicSlice, int getPacketsWeight, int computeActionsWeight, int performActionsWeight, int queuingWeight, int writePacketsWeight, array_t *ackSeqArray, Evl_BridgeStats_t **statsPtr)
 Actual firewall code. Has synthetic input mode for testing.
int Evl_InsertPacketInQueue (Evl_Manager_t *aMgr, Q_Q_t *aQ, Pkt_ProcessPkt_t *pp, Evl_Action_t *action)
 Add a packet (actually Pkt_ProcessPkt_t *) to a q - may drop if resources are overused.
int Evl_TestManager (Evl_Manager_t *aMgr)
 Routine for testing the manager structure built by Evl_BuildManager.
bool Evl_DoAction (Evl_Action_t *action, Evl_Manager_t *mgr, Evl_Bridge_t *bridge, Pkt_ProcessPkt_t *pp)
 Perform action on packet. Return 1 if packet is to be dropped, 0 otherwise.
void Evl_BridgeInsertPktInIbuf (Evl_Bridge_t *aBridge, Pkt_EthernetHdr_t *aPkt)
 Insert a packet into the bridge iBuf, meant to support scripts/code adding control/reset packets.
Evl_Manager_tEvl_BuildManager (char *ruleFileString, Tcl_Interp *interp, ClientData cd)
 Build basic evl data structures from a rule-set.
Evl_Action_tEvl_AllocAction (Rlp_Action_t *parsedAction)
 Create the action structured from the parsed entries.
bdd_t * Evl_BuildBddFromL4Formula (Rlp_L4Check_t *L4Check, st_table *defineTable, bdd_manager *bddMgr)
 Build a bdd for the L4 check.
bdd_t * Evl_BuildBddForIps (Rlp_Formula_t *srcIp, bdd_manager *bddMgr, st_table *defineTable)
 Build a bdd for an ip formula.
bdd_t * Evl_BuildBddForPorts (Rlp_Formula_t *portFormula, bdd_manager *bddMgr, st_table *defineTable)
 Create a BDD from a port formula.
bdd_t * Evl_BuildBddForPortRange (int lowPort, int highPort, bdd_manager *bddMgr)
 Build Bdd for a port interval [low,high], inclusive of end-points.
int Evl_BddCmp (char *aBdd, char *bBdd)
 Compare function for bdd_t.
int Evl_BddHash (char *aBdd, int modulus)
 Hash function for bdd_t.
Evl_L4LookupTable_tEvl_RuleRelationToLookupTable (bdd_t *TR, Evl_L4Manager_t *L4Mgr, array_t *ruleVarArray)
 Build a lookup table from the rule relation BDD.
Evl_L4LookupTable_tEvl_L4BuildLookup (Evl_BddLevelPair_t *root, int numClasses, Evl_L4Manager_t *L4Mgr, st_table *allDecisionNodes)
 Build the L4 lookup array.
Evl_BddLevelPair_tEvl_CreateBddLevelPair (bdd_t *aBdd, int level)
 Allocate and populate a bdd-and-level struct.
int Evl_BddLevelPairHash (char *aPtr, int modulus)
 Hash function for a bdd-level pair.
int Evl_BddLevelPairCmp (char *aPtr, char *bPtr)
 Compare function for a bdd-level pair.
Evl_L4Manager_tEvl_L4ManagerAlloc (Evl_Manager_t *mgr, char *mode)
 Allocate and initialize a TCP manager.
Evl_Manager_tEvl_ManagerAlloc ()
 Allocate and initialize a manager.
int Evl_ManagerFree (Evl_Manager_t *result)
 Free an L4 Manager.
Evl_ContentMgr_tEvl_BuildContentMgr (array_t *L7CheckArray)
 Given an array of Rlp_Formula_t's, assumed to be L7 rules, return an Evl_ContentMgr_t.
Evl_ContentMgr_tEvl_AllocContentMgr ()
 Allocate a content manager structure.
void Evl_PrintContentMgr (Evl_ContentMgr_t *aCM)
 Print a content manager.
int Evl_L4LookupTableAddRuleArrays (Evl_L4LookupTable_t *table)
 Add rule arrays in addition to the sets.
Evl_ContentMgr_tEvl_BuildContentMgrForLowerCaseStrings (Evl_ContentMgr_t *aCM)
 Build the content manager with all strings projected down to lower case.

Detailed Description

Rule evaluation data structures.

Definition in file evl.h.

Define Documentation

#define EVL_MEMCMP ( s1,
s2,
numBytes,
match   ) 

Value:

while ( numBytes-- && ( s1[numBytes] == s2[numBytes] ) ); \
            match = ( numBytes == 0 ) ? true : false;
Macro for memcmp without a function call.

Result is in tmpIndex, which is 0 iff the two are equal.

Definition at line 39 of file evl.h.

#define my_isupper (  )     ( ( c < 91 ) && ( c > 64 ) )

Definition at line 21 of file evl.h.

#define my_uppertolower (  )     ( ( c + 32 ) )

Definition at line 22 of file evl.h.

Typedef Documentation

typedef struct Evl_Action_t Evl_Action_t

Definition at line 482 of file evl.h.

typedef struct Evl_BddLevelPair_t Evl_BddLevelPair_t

Definition at line 91 of file evl.h.

typedef struct Evl_Bridge_t Evl_Bridge_t

Definition at line 397 of file evl.h.

typedef struct Evl_BridgeStats_t Evl_BridgeStats_t

Definition at line 590 of file evl.h.

typedef struct Evl_ContentMgr_t Evl_ContentMgr_t

Definition at line 344 of file evl.h.

typedef struct Evl_Fsm_t Evl_Fsm_t

Definition at line 387 of file evl.h.

typedef struct Evl_GenericManager_t Evl_GenericManager_t

Definition at line 396 of file evl.h.

typedef struct Evl_L4Flow_t Evl_L4Flow_t

Definition at line 563 of file evl.h.

typedef struct Evl_L4LookupTable_t Evl_L4LookupTable_t

Definition at line 80 of file evl.h.

typedef struct Evl_L4Manager_t Evl_L4Manager_t

Need the typedefs below because C will not allow Evl_Manager_t to refer to Evl_TcpMaanger_t before it's declared, even as a pointer, and vice versa.

Definition at line 395 of file evl.h.

typedef struct Evl_Manager_t Evl_Manager_t

Definition at line 468 of file evl.h.

Function Documentation

Evl_Action_t* Evl_AllocAction ( Rlp_Action_t parsedAction  ) 

Create the action structured from the parsed entries.

Definition at line 272 of file evlMgr.c.

Heap_t* Evl_AllocateQueueHeap ( st_table queueTable  ) 

Create a heap of Q_Q_t's , whose priorities are given by the currentPriority field.

AutomaticStart

Definition at line 43 of file evlAct.c.

Evl_ContentMgr_t* Evl_AllocContentMgr (  ) 

Allocate a content manager structure.

Definition at line 2003 of file evlMgr.c.

int Evl_BddCmp ( char *  aBdd,
char *  bBdd 
)

Compare function for bdd_t.

Definition at line 704 of file evlMgr.c.

int Evl_BddHash ( char *  aBdd,
int  modulus 
)

Hash function for bdd_t.

Makes use of the bdd_node structure, here's the info from the bdd.doc:

bdd_node * bdd_get_node(f, is_complemented) bdd_t *f; boolean *is_complemented;

Return the regularized (i.e. uncomplemented) pointer to the bdd_node to which `f' refers. Also, returns whether or not the bdd_node pointer is complemented. Note well: the address of a bdd_node changes upon garbage collection. If your code is sensitive to the addresses of bdd_nodes, and you invoke BDD routines which cause new bdd_nodes to be created, then a garbage collection may automatically be triggered. To prevent a garbage collection from automatically occurring, use bdd_set_gc_mode to turn off garbage collection before a sensitive piece of code is executed.

Definition at line 745 of file evlMgr.c.

int Evl_BddLevelPairCmp ( char *  aPtr,
char *  bPtr 
)

Compare function for a bdd-level pair.

Definition at line 1437 of file evlMgr.c.

int Evl_BddLevelPairHash ( char *  aPtr,
int  modulus 
)

Hash function for a bdd-level pair.

Definition at line 1419 of file evlMgr.c.

void Evl_BridgeInsertPktInIbuf ( Evl_Bridge_t aBridge,
Pkt_EthernetHdr_t aPkt 
)

Insert a packet into the bridge iBuf, meant to support scripts/code adding control/reset packets.

Definition at line 1472 of file evlMain.c.

bdd_t* Evl_BuildBddForIps ( Rlp_Formula_t srcIp,
bdd_manager *  bddMgr,
st_table defineTable 
)

Build a bdd for an ip formula.

Variables are starting from 0, which is the LSB of the IP address.

Definition at line 427 of file evlMgr.c.

bdd_t* Evl_BuildBddForPortRange ( int  lowPort,
int  highPort,
bdd_manager *  bddMgr 
)

Build Bdd for a port interval [low,high], inclusive of end-points.

Definition at line 617 of file evlMgr.c.

bdd_t* Evl_BuildBddForPorts ( Rlp_Formula_t portFormula,
bdd_manager *  bddMgr,
st_table defineTable 
)

Create a BDD from a port formula.

Definition at line 558 of file evlMgr.c.

bdd_t* Evl_BuildBddFromL4Formula ( Rlp_L4Check_t L4Check,
st_table defineTable,
bdd_manager *  bddMgr 
)

Build a bdd for the L4 check.

Definition at line 344 of file evlMgr.c.

Evl_ContentMgr_t* Evl_BuildContentMgr ( array_t L7CheckArray  ) 

Given an array of Rlp_Formula_t's, assumed to be L7 rules, return an Evl_ContentMgr_t.

Definition at line 1891 of file evlMgr.c.

Evl_ContentMgr_t* Evl_BuildContentMgrForLowerCaseStrings ( Evl_ContentMgr_t aCM  ) 

Build the content manager with all strings projected down to lower case.

We use this in the following way: we have a number of checks that are case-insensitive, and a number that are case-sensitive. We could build two DFA, and then run the checks twice. On the other hand we could make ALL of the DFA checks case-insensitive, and then in the final detailed check, take case into account. We choose the latter since it means only a single pass over the packet. There is a possibility of false positives from this scheme, e.g., a case specific search search for "abc" will be matched by "ABC"; I don't have a detailed analysis/study of this pheonomenon, but it seems to be unlikely.

See also:
evalContentCheck

Definition at line 2445 of file evlMgr.c.

Evl_Manager_t* Evl_BuildManager ( char *  ruleFileString,
Tcl_Interp *  interp,
ClientData  cd 
)

Build basic evl data structures from a rule-set.

Definition at line 192 of file evlMgr.c.

Evl_Fsm_t* Evl_BuildPrefixAutomaton ( array_t byteArrayArray  ) 

Build a prefix automaton for a set of byte arrays.

Definition at line 64 of file evlFsm.c.

int Evl_Compress ( Pkt_EthernetHdr_t pkt,
int  length 
)

int Evl_CompressDecompress ( Pkt_EthernetHdr_t pkt,
int  length,
Rlp_ActionEnum_t  type 
)

util_int_array_t* Evl_ComputeL7RuleArray ( Evl_L4LookupTable_t aRuleTable,
Evl_L4Flow_t aFlow 
)

Core evaluation function - takes a flow, returns array of applicable L7 rules.

Definition at line 94 of file evl.c.

int Evl_ComputeL7RuleSet ( Evl_L4LookupTable_t aRuleTable,
Evl_L4Flow_t aFlow 
)

Core evaluation function - takes a flow, returns set of applicable L7 rules.

Definition at line 74 of file evl.c.

void Evl_ComputeRuleSetForEth ( Pkt_ProcessPkt_t pp,
Evl_Manager_t globalMgr 
)

Given an ethernet packet and Evl_Manager_t encoding a set of rules, determine all rules applicable to the packet.

Packet is assumed to be in host order. Caller must pass in the array_t into which results are written.

Not handling icmp, just tcp, udp, ip

Definition at line 167 of file evl.c.

Evl_BddLevelPair_t* Evl_CreateBddLevelPair ( bdd_t *  aBdd,
int  level 
)

Allocate and populate a bdd-and-level struct.

Definition at line 1403 of file evlMgr.c.

void Evl_Crypto ( Evl_Action_t action,
Pkt_ProcessPkt_t pp,
Rlp_ActionEnum_t  type 
)

int Evl_Decompress ( Pkt_EthernetHdr_t pkt,
int  length 
)

void Evl_DecryptPkt ( Evl_Action_t action,
Pkt_ProcessPkt_t pp 
)

bool Evl_DoAction ( Evl_Action_t action,
Evl_Manager_t mgr,
Evl_Bridge_t bridge,
Pkt_ProcessPkt_t pp 
)

Perform action on packet. Return 1 if packet is to be dropped, 0 otherwise.

Must not be called with queuing actions.

Definition at line 1064 of file evlMain.c.

void Evl_EncryptPkt ( Evl_Action_t action,
Pkt_ProcessPkt_t pp 
)

bool Evl_EthEvalL7Rule ( Pkt_ProcessPkt_t pp,
Rlp_Formula_t aL7Formula,
array_t aL7CheckArray 
)

Given an ethernet packet and a layer 7 rule, determine if the rule holds of the packet.

Pass in an array of Rlp_L7Check_t for the content check; if it's NIL there are no content checks.

Definition at line 1379 of file evl.c.

int Evl_EthEvalL7RuleContentCheck ( Pkt_EthernetHdr_t anEth,
array_t aL7CheckArray 
)

Check content of an Eth packet. aL7CheckArray is an array of Rlp_L7Check_t *.

Definition at line 403 of file evl.c.

void Evl_EvalRuleArray ( Evl_L4Manager_t mgr,
Pkt_ProcessPkt_t pp,
array_t ruleArray,
util_int_array_t ruleIntArray,
array_t result 
)

Given an array_t or util_int_array_t of rules, return the subset that is applicable of the given packet.

Result must be passed in, and be as long as there are rules in the mgr.

Definition at line 969 of file evl.c.

void Evl_FsmComputeRules ( Evl_Fsm_t fsm,
st_table stringToId,
array_t idToRules,
var_set_t set1,
var_set_t set2,
var_set_t set3,
char *  payload,
int  length,
array_t result 
)

Simulate an FSM on a given string. Return a hash table of strings that occurred, and where they most recently occured.

Checks are case-insensitive, to merge the checks for case-specific and case-insensitive strings. In the final check using evalContentCheck this is resolved - the FSM search merely serves as a pre-processor.

Definition at line 611 of file evlFsm.c.

int Evl_FsmPrint ( Evl_Fsm_t anFsm  ) 

Print an FSM, meant for debugging purposes.

Definition at line 201 of file evlFsm.c.

int Evl_FsmProcessAcceptingState ( Evl_Fsm_t fsm,
u_int32_t  ps,
st_table stringToId,
array_t idToRules,
var_set_t set1,
var_set_t set2,
var_set_t set3,
array_t resultPtr 
)

Function to be called on hitting an accepting state.

Definition at line 556 of file evlFsm.c.

int Evl_InsertPacketInQueue ( Evl_Manager_t aMgr,
Q_Q_t aQ,
Pkt_ProcessPkt_t pp,
Evl_Action_t action 
)

Add a packet (actually Pkt_ProcessPkt_t *) to a q - may drop if resources are overused.

Return 1 if succ, 0 if dropped.

Definition at line 796 of file evlMain.c.

Evl_L4LookupTable_t* Evl_L4BuildLookup ( Evl_BddLevelPair_t root,
int  numClasses,
Evl_L4Manager_t L4Mgr,
st_table allDecisionNodes 
)

Build the L4 lookup array.

Definition at line 1202 of file evlMgr.c.

void Evl_L4ComputeRuleSetForEth ( Pkt_ProcessPkt_t pp,
Evl_L4Manager_t l4mgr,
array_t result 
)

Compute rules for an ip packet based on the L4 structure.

This only works for certain l4 protocols, such as tcp, udp, icmp (Currently, we use it for ip too)

Definition at line 244 of file evl.c.

int Evl_L4LookupTableAddRuleArrays ( Evl_L4LookupTable_t table  ) 

Add rule arrays in addition to the sets.

Definition at line 2397 of file evlMgr.c.

Evl_L4Manager_t* Evl_L4ManagerAlloc ( Evl_Manager_t mgr,
char *  mode 
)

Allocate and initialize a TCP manager.

Definition at line 1497 of file evlMgr.c.

Evl_Manager_t* Evl_ManagerAlloc (  ) 

Allocate and initialize a manager.

Definition at line 1563 of file evlMgr.c.

int Evl_ManagerFree ( Evl_Manager_t result  ) 

Free an L4 Manager.

Definition at line 1877 of file evlMgr.c.

void Evl_PktDecompress ( Evl_L4Manager_t l4mgr,
Pkt_ProcessPkt_t pp 
)

void Evl_PktDecrypt ( Evl_L4Manager_t l4mgr,
Pkt_ProcessPkt_t pp 
)

void Evl_PrintContentMgr ( Evl_ContentMgr_t aCM  ) 

Print a content manager.

Definition at line 2025 of file evlMgr.c.

int Evl_Route ( Evl_Manager_t aMgr,
array_t pktArray,
int  iBufSize,
int  ppCacheSize,
int  oBufSize,
int  actionBufSize,
int  maxNumPktsToRead,
int  numIterations,
bool  useSynthetic,
array_t inArray,
array_t outArray,
double  basicSlice,
int  getPacketsWeight,
int  computeActionsWeight,
int  performActionsWeight,
int  queuingWeight,
int  writePacketsWeight,
array_t ackSeqArray,
Evl_BridgeStats_t **  statsPtr 
)

Actual firewall code. Has synthetic input mode for testing.

Definition at line 81 of file evlMain.c.

void Evl_RoutePkt ( Evl_Action_t action,
Evl_Bridge_t bridge,
Pkt_ProcessPkt_t pp 
)

Set the route for the packet.

Definition at line 94 of file evlAct.c.

Evl_L4LookupTable_t* Evl_RuleRelationToLookupTable ( bdd_t *  TR,
Evl_L4Manager_t L4Mgr,
array_t ruleVarArray 
)

Build a lookup table from the rule relation BDD.

Precondition:
First 96 vars are dest port, src port, dest ip, src ip.
We're going to return an array that will be used to represent a 256-ary tree mapping IP headers to bit-vectors whose length is equal to the number of distinct L4 rules.

Definition at line 983 of file evlMgr.c.

int Evl_TestManager ( Evl_Manager_t aMgr  ) 

Routine for testing the manager structure built by Evl_BuildManager.

Definition at line 972 of file evlMain.c.

int Evl_UcodeAction ( Rlp_Action_t action,
Evl_Manager_t mgr,
Pkt_ProcessPkt_t pp 
)

Perform action desired by user, implemented by C code that's been dynamically linked in previously.

Action is a C function which takes several parameters

Definition at line 175 of file evlAct.c.

void Evl_UscriptAction ( Rlp_Action_t action,
Evl_Manager_t mgr,
Pkt_ProcessPkt_t pp 
)

Perform action desired by user, specified as a tcl proc.

Action is a tcl proc which takes two parameters, specifically a mgr and a pointer to a packet (well the int ids that we're using in place of the pointers).

Definition at line 129 of file evlAct.c.