You can write your own C code or Tcl scripts to serve
as an action for a rule. Such routines are referred to
as extensions.
A rule calls an extension written in C as follows:
ip any any -> any any ( ) c-ext:limit:1.0:1:limit test;
The c-ext construct specfies that the action
is implemented by the function limit.
Whenever the condition of the rule is met, the function
limit is invoked. The string following the colon,
1.0:1:limit test is passed directly to
the called function.
int action (Evl_Manager_t *, Pkt_ProcessPkt_t *, void **mystate, void *argument )
The called function gets a pointer to the rule manager (a structure which encapsulates
the rules), a pointer to
a structure encapsulating the packet, a pointer to a void *,
which is initialized to NULL, and can be used by the called function
to register persistent state, and an argument, which is the
string, e.g., 1.0:1:limit test for the example above.
The function is to return 0, just in case the packet is not to be dropped; a nonzero return code is used to indicate the packet should be dropped.
Axinix includes with the following C extensions:
- Ucode_1:
a simple example of how to write plugins.
- stats: periodically prints stats on traffic through the
different interfaces to console
- urls: code to search for HTTP GET
requests, and log the requested URL.
- limit: code to limit
the number of packets forwarded in a specified time interval.
- encrypt: applies AES encryption
to the payload of TCP packets. The string argument passed in
is the key.
- decrypt: complements encrypt
- compress: applies lzo compression
to IP packets.
lzo compression can increase size, so we change the Layer-3 protocol field in the Ethernet frame from 0x0008 to 0x0009 to indicate that the packet was actually compressed.
- decompress: complements compress
ip any any -> any any ( ) tcl-ext:uscript_1;
The tcl-ext construct specfies that the action
is implemented by the Tcl proc uscript_1.
Whenever the condition of the rule is met, the proc
uscript_1 is invoked.
The Tcl interface is as follows:
proc uscript_1 { mgr pkt }
The manager and the packet are passed to the proc; there is no returned value.
Axinix includes the following Tcl plugins:
- log_payload: write the packet payload to a text file
- print_http: parse packet for HTTP GET, write URL to console. Note that it should be used in conjunction with a content check like content:"HTTP GET".