
Server API to only allow networking by VPN apps
1 /*
2  * Copyright (C) 2014 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16
17 #ifndef NETD_SERVER_ROUTE_CONTROLLER_H
18 #define NETD_SERVER_ROUTE_CONTROLLER_H
19
20 #include "NetdConstants.h"
21 #include "Permission.h"
22
23 #include <sys/types.h>
24
25 class UidRanges;
26
// Static-only facade for netd's routing policy: installs and removes the routing tables and
// rules that decide which network a packet leaves on, per interface, per netId and per UID.
// Every operation returns an int status and is tagged WARN_UNUSED_RESULT (presumably defined in
// NetdConstants.h), so callers must check it; the meaning of the value is fixed by the
// implementation, not by this header.
// NOTE(review): the add*/remove* pairs below look symmetric by design — the removal call
// presumably needs the same arguments as the matching add call so the rules it installed are
// torn down completely. Confirm against the implementation before relying on partial teardown.
class RouteController {
public:
    // How the routing table number is determined for route modification requests.
    enum TableType {
        INTERFACE,       // Compute the table number based on the interface index.
        LOCAL_NETWORK,   // A fixed table used for routes to directly-connected clients/peers.
        LEGACY_NETWORK,  // Use a fixed table that's used to override the default network.
        LEGACY_SYSTEM,   // A fixed table, only modifiable by system apps; overrides VPNs too.
    };

    // Offset from an interface index to its routing table number (used for the INTERFACE table
    // type, presumably — the arithmetic lives in the implementation; confirm there).
    static const int ROUTE_TABLE_OFFSET_FROM_INDEX = 1000;

    // One-time initialisation. |localNetId| is the netId that LOCAL_NETWORK routes belong to
    // (inferred from the name; verify against the implementation).
    static int Init(unsigned localNetId) WARN_UNUSED_RESULT;

    // Attach/detach |interface| to/from the local network identified by |netId|.
    static int addInterfaceToLocalNetwork(unsigned netId, const char* interface) WARN_UNUSED_RESULT;
    static int removeInterfaceFromLocalNetwork(unsigned netId,
                                               const char* interface) WARN_UNUSED_RESULT;

    // Attach/detach |interface| to/from physical network |netId|. |permission| is the permission
    // a UID needs to use this network; removal must pass the permission that was in force.
    static int addInterfaceToPhysicalNetwork(unsigned netId, const char* interface,
                                             Permission permission) WARN_UNUSED_RESULT;
    static int removeInterfaceFromPhysicalNetwork(unsigned netId, const char* interface,
                                                  Permission permission) WARN_UNUSED_RESULT;

    // Attach/detach |interface| to/from virtual (VPN) network |netId| for the UIDs in
    // |uidRanges|. |secure| presumably marks a VPN whose users must not bypass it — see the
    // reject-non-secure rule below; confirm the exact semantics in the implementation.
    static int addInterfaceToVirtualNetwork(unsigned netId, const char* interface, bool secure,
                                            const UidRanges& uidRanges) WARN_UNUSED_RESULT;
    static int removeInterfaceFromVirtualNetwork(unsigned netId, const char* interface, bool secure,
                                                 const UidRanges& uidRanges) WARN_UNUSED_RESULT;

    // Swap the permission required to use physical network |netId| on |interface| from
    // |oldPermission| to |newPermission|.
    static int modifyPhysicalNetworkPermission(unsigned netId, const char* interface,
                                               Permission oldPermission,
                                               Permission newPermission) WARN_UNUSED_RESULT;

    // Add/remove |uidRanges| to/from the set of UIDs whose traffic is steered into VPN |netId|
    // on |interface|; |secure| must match the value used when the network was created
    // (inferred from the parallel signatures — confirm).
    static int addUsersToVirtualNetwork(unsigned netId, const char* interface, bool secure,
                                        const UidRanges& uidRanges) WARN_UNUSED_RESULT;
    static int removeUsersFromVirtualNetwork(unsigned netId, const char* interface, bool secure,
                                             const UidRanges& uidRanges) WARN_UNUSED_RESULT;

    // Add/remove |uidRanges| to/from the rule that rejects their traffic on any network that is
    // not a secure VPN. Presumably this is the "only allow networking by VPN apps" control —
    // confirm in the implementation which networks the rule exempts.
    static int addUsersToRejectNonSecureNetworkRule(const UidRanges& uidRanges)
                                                    WARN_UNUSED_RESULT;
    static int removeUsersFromRejectNonSecureNetworkRule(const UidRanges& uidRanges)
                                                         WARN_UNUSED_RESULT;

    // Make/unmake |interface| the default network for UIDs holding |permission|.
    static int addInterfaceToDefaultNetwork(const char* interface,
                                            Permission permission) WARN_UNUSED_RESULT;
    static int removeInterfaceFromDefaultNetwork(const char* interface,
                                                 Permission permission) WARN_UNUSED_RESULT;

    // |nexthop| can be NULL (to indicate a directly-connected route), "unreachable" (to indicate a
    // route that's blocked), "throw" (to indicate the lack of a match), or a regular IP address.
    // |tableType| selects the table the route goes into (see TableType).
    static int addRoute(const char* interface, const char* destination, const char* nexthop,
                        TableType tableType) WARN_UNUSED_RESULT;
    static int removeRoute(const char* interface, const char* destination, const char* nexthop,
                           TableType tableType) WARN_UNUSED_RESULT;

    // Enable/disable forwarding from |inputInterface| to |outputInterface| for tethering.
    static int enableTethering(const char* inputInterface,
                               const char* outputInterface) WARN_UNUSED_RESULT;
    static int disableTethering(const char* inputInterface,
                                const char* outputInterface) WARN_UNUSED_RESULT;

    // Add/remove the fallthrough from VPN |vpnNetId| to |physicalInterface| for UIDs holding
    // |permission| (i.e. traffic the VPN does not route continues to the physical network —
    // inferred from the name; verify).
    static int addVirtualNetworkFallthrough(unsigned vpnNetId, const char* physicalInterface,
                                            Permission permission) WARN_UNUSED_RESULT;
    static int removeVirtualNetworkFallthrough(unsigned vpnNetId, const char* physicalInterface,
                                               Permission permission) WARN_UNUSED_RESULT;
};
91
92 #endif  // NETD_SERVER_ROUTE_CONTROLLER_H