2 * Copyright (C) 2014 The Android Open Source Project
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
17 #ifndef NETD_SERVER_ROUTE_CONTROLLER_H
18 #define NETD_SERVER_ROUTE_CONTROLLER_H
20 #include "NetdConstants.h"
21 #include "Permission.h"
23 #include <sys/types.h>
27 class RouteController {
29 // How the routing table number is determined for route modification requests.
31 INTERFACE, // Compute the table number based on the interface index.
32 LOCAL_NETWORK, // A fixed table used for routes to directly-connected clients/peers.
33 LEGACY_NETWORK, // Use a fixed table that's used to override the default network.
34 LEGACY_SYSTEM, // A fixed table, only modifiable by system apps; overrides VPNs too.
37 static const int ROUTE_TABLE_OFFSET_FROM_INDEX = 1000;
39 static int Init(unsigned localNetId) WARN_UNUSED_RESULT;
41 static int addInterfaceToLocalNetwork(unsigned netId, const char* interface) WARN_UNUSED_RESULT;
42 static int removeInterfaceFromLocalNetwork(unsigned netId,
43 const char* interface) WARN_UNUSED_RESULT;
45 static int addInterfaceToPhysicalNetwork(unsigned netId, const char* interface,
46 Permission permission) WARN_UNUSED_RESULT;
47 static int removeInterfaceFromPhysicalNetwork(unsigned netId, const char* interface,
48 Permission permission) WARN_UNUSED_RESULT;
50 static int addInterfaceToVirtualNetwork(unsigned netId, const char* interface, bool secure,
51 const UidRanges& uidRanges) WARN_UNUSED_RESULT;
52 static int removeInterfaceFromVirtualNetwork(unsigned netId, const char* interface, bool secure,
53 const UidRanges& uidRanges) WARN_UNUSED_RESULT;
55 static int modifyPhysicalNetworkPermission(unsigned netId, const char* interface,
56 Permission oldPermission,
57 Permission newPermission) WARN_UNUSED_RESULT;
59 static int addUsersToVirtualNetwork(unsigned netId, const char* interface, bool secure,
60 const UidRanges& uidRanges) WARN_UNUSED_RESULT;
61 static int removeUsersFromVirtualNetwork(unsigned netId, const char* interface, bool secure,
62 const UidRanges& uidRanges) WARN_UNUSED_RESULT;
64 static int addUsersToRejectNonSecureNetworkRule(const UidRanges& uidRanges)
66 static int removeUsersFromRejectNonSecureNetworkRule(const UidRanges& uidRanges)
69 static int addInterfaceToDefaultNetwork(const char* interface,
70 Permission permission) WARN_UNUSED_RESULT;
71 static int removeInterfaceFromDefaultNetwork(const char* interface,
72 Permission permission) WARN_UNUSED_RESULT;
74 // |nexthop| can be NULL (to indicate a directly-connected route), "unreachable" (to indicate a
75 // route that's blocked), "throw" (to indicate the lack of a match), or a regular IP address.
76 static int addRoute(const char* interface, const char* destination, const char* nexthop,
77 TableType tableType) WARN_UNUSED_RESULT;
78 static int removeRoute(const char* interface, const char* destination, const char* nexthop,
79 TableType tableType) WARN_UNUSED_RESULT;
81 static int enableTethering(const char* inputInterface,
82 const char* outputInterface) WARN_UNUSED_RESULT;
83 static int disableTethering(const char* inputInterface,
84 const char* outputInterface) WARN_UNUSED_RESULT;
86 static int addVirtualNetworkFallthrough(unsigned vpnNetId, const char* physicalInterface,
87 Permission permission) WARN_UNUSED_RESULT;
88 static int removeVirtualNetworkFallthrough(unsigned vpnNetId, const char* physicalInterface,
89 Permission permission) WARN_UNUSED_RESULT;
92 #endif // NETD_SERVER_ROUTE_CONTROLLER_H