summaryrefslogtreecommitdiff
path: root/drivers/net/npe/IxEthDBFirewall.c
diff options
context:
space:
mode:
Diffstat (limited to 'drivers/net/npe/IxEthDBFirewall.c')
-rw-r--r--drivers/net/npe/IxEthDBFirewall.c242
1 files changed, 0 insertions, 242 deletions
diff --git a/drivers/net/npe/IxEthDBFirewall.c b/drivers/net/npe/IxEthDBFirewall.c
deleted file mode 100644
index c0ae562..0000000
--- a/drivers/net/npe/IxEthDBFirewall.c
+++ /dev/null
@@ -1,242 +0,0 @@
-/**
- * @file IxEthDBFirewall.c
- *
- * @brief Implementation of the firewall API
- *
- * @par
- * IXP400 SW Release version 2.0
- *
- * -- Copyright Notice --
- *
- * @par
- * Copyright 2001-2005, Intel Corporation.
- * All rights reserved.
- *
- * @par
- * SPDX-License-Identifier: BSD-3-Clause
- * @par
- * -- End of Copyright Notice --
- */
-
-
-#include "IxEthDB_p.h"
-
-/**
- * @brief updates the NPE firewall operating mode and
- * firewall address table
- *
- * @param portID ID of the port
- * @param epDelta initial entry point for binary searches (NPE optimization)
- * @param address address of the firewall MAC address table
- *
- * This function will send a message to the NPE configuring the
- * firewall mode (white list or black list), invalid source
- * address filtering and downloading a new MAC address database
- * to be used for firewall matching.
- *
- * @return IX_ETH_DB_SUCCESS if the operation completed
- * successfully or IX_ETH_DB_FAIL otherwise
- *
- * @internal
- */
-IX_ETH_DB_PUBLIC
-IxEthDBStatus ixEthDBFirewallUpdate(IxEthDBPortId portID, void *address, UINT32 epDelta)
-{
- IxNpeMhMessage message;
- IX_STATUS result;
-
- UINT32 mode = 0;
- PortInfo *portInfo = &ixEthDBPortInfo[portID];
-
- mode = (portInfo->srcAddressFilterEnabled != false) << 1 | (portInfo->firewallMode == IX_ETH_DB_FIREWALL_WHITE_LIST);
-
- FILL_SETFIREWALLMODE_MSG(message,
- IX_ETH_DB_PORT_ID_TO_NPE_LOGICAL_ID(portID),
- epDelta,
- mode,
- IX_OSAL_MMU_VIRT_TO_PHYS(address));
-
- IX_ETHDB_SEND_NPE_MSG(IX_ETH_DB_PORT_ID_TO_NPE(portID), message, result);
-
- return result;
-}
-
-/**
- * @brief configures the firewall white list/black list
- * access mode
- *
- * @param portID ID of the port
- * @param mode firewall filtering mode (IX_ETH_DB_FIREWALL_WHITE_LIST
- * or IX_ETH_DB_FIREWALL_BLACK_LIST)
- *
- * Note that this function is documented in the main component
- * header file, IxEthDB.h.
- *
- * @return IX_ETH_DB_SUCCESS if the operation completed
- * successfully or an appropriate error message otherwise
- */
-IX_ETH_DB_PUBLIC
-IxEthDBStatus ixEthDBFirewallModeSet(IxEthDBPortId portID, IxEthDBFirewallMode mode)
-{
- IX_ETH_DB_CHECK_PORT(portID);
-
- IX_ETH_DB_CHECK_SINGLE_NPE(portID);
-
- IX_ETH_DB_CHECK_FEATURE(portID, IX_ETH_DB_FIREWALL);
-
- if (mode != IX_ETH_DB_FIREWALL_WHITE_LIST
- && mode != IX_ETH_DB_FIREWALL_BLACK_LIST)
- {
- return IX_ETH_DB_INVALID_ARG;
- }
-
- ixEthDBPortInfo[portID].firewallMode = mode;
-
- return ixEthDBFirewallTableDownload(portID);
-}
-
-/**
- * @brief enables or disables the invalid source MAC address filter
- *
- * @param portID ID of the port
- * @param enable true to enable invalid source MAC address filtering
- * or false to disable it
- *
- * The invalid source MAC address filter will discard, when enabled,
- * frames whose source MAC address is a multicast or the broadcast MAC
- * address.
- *
- * Note that this function is documented in the main component
- * header file, IxEthDB.h.
- *
- * @return IX_ETH_DB_SUCCESS if the operation completed
- * successfully or an appropriate error message otherwise
- */
-IX_ETH_DB_PUBLIC
-IxEthDBStatus ixEthDBFirewallInvalidAddressFilterEnable(IxEthDBPortId portID, BOOL enable)
-{
- IX_ETH_DB_CHECK_PORT(portID);
-
- IX_ETH_DB_CHECK_SINGLE_NPE(portID);
-
- IX_ETH_DB_CHECK_FEATURE(portID, IX_ETH_DB_FIREWALL);
-
- ixEthDBPortInfo[portID].srcAddressFilterEnabled = enable;
-
- return ixEthDBFirewallTableDownload(portID);
-}
-
-/**
- * @brief adds a firewall record
- *
- * @param portID ID of the port
- * @param macAddr MAC address of the new record
- *
- * This function will add a new firewall record
- * on the specified port, using the specified
- * MAC address. If the record already exists this
- * function will silently return IX_ETH_DB_SUCCESS,
- * although no duplicate records are added.
- *
- * Note that this function is documented in the main
- * component header file, IxEthDB.h.
- *
- * @return IX_ETH_DB_SUCCESS if the operation completed
- * successfully or an appropriate error message otherwise
- */
-IX_ETH_DB_PUBLIC
-IxEthDBStatus ixEthDBFirewallEntryAdd(IxEthDBPortId portID, IxEthDBMacAddr *macAddr)
-{
- MacDescriptor recordTemplate;
-
- IX_ETH_DB_CHECK_PORT(portID);
-
- IX_ETH_DB_CHECK_SINGLE_NPE(portID);
-
- IX_ETH_DB_CHECK_REFERENCE(macAddr);
-
- IX_ETH_DB_CHECK_FEATURE(portID, IX_ETH_DB_FIREWALL);
-
- memcpy(recordTemplate.macAddress, macAddr, sizeof (IxEthDBMacAddr));
-
- recordTemplate.type = IX_ETH_DB_FIREWALL_RECORD;
- recordTemplate.portID = portID;
-
- return ixEthDBAdd(&recordTemplate, NULL);
-}
-
-/**
- * @brief removes a firewall record
- *
- * @param portID ID of the port
- * @param macAddr MAC address of the record to remove
- *
- * This function will attempt to remove a firewall
- * record from the given port, using the specified
- * MAC address.
- *
- * Note that this function is documented in the main
- * component header file, IxEthDB.h.
- *
- * @return IX_ETH_DB_SUCCESS if the operation completed
- * successfully of an appropriate error message otherwise
- */
-IX_ETH_DB_PUBLIC
-IxEthDBStatus ixEthDBFirewallEntryRemove(IxEthDBPortId portID, IxEthDBMacAddr *macAddr)
-{
- MacDescriptor recordTemplate;
-
- IX_ETH_DB_CHECK_PORT(portID);
-
- IX_ETH_DB_CHECK_SINGLE_NPE(portID);
-
- IX_ETH_DB_CHECK_REFERENCE(macAddr);
-
- IX_ETH_DB_CHECK_FEATURE(portID, IX_ETH_DB_FIREWALL);
-
- memcpy(recordTemplate.macAddress, macAddr, sizeof (IxEthDBMacAddr));
-
- recordTemplate.type = IX_ETH_DB_FIREWALL_RECORD;
- recordTemplate.portID = portID;
-
- return ixEthDBRemove(&recordTemplate, NULL);
-}
-
-/**
- * @brief downloads the firewall address table to an NPE
- *
- * @param portID ID of the port
- *
- * This function will download the firewall address table to
- * an NPE port.
- *
- * Note that this function is documented in the main
- * component header file, IxEthDB.h.
- *
- * @return IX_ETH_DB_SUCCESS if the operation completed
- * successfully or IX_ETH_DB_FAIL otherwise
- */
-IX_ETH_DB_PUBLIC
-IxEthDBStatus ixEthDBFirewallTableDownload(IxEthDBPortId portID)
-{
- IxEthDBPortMap query;
- IxEthDBStatus result;
-
- IX_ETH_DB_CHECK_PORT(portID);
-
- IX_ETH_DB_CHECK_SINGLE_NPE(portID);
-
- IX_ETH_DB_CHECK_FEATURE(portID, IX_ETH_DB_FIREWALL);
-
- SET_DEPENDENCY_MAP(query, portID);
-
- ixEthDBUpdateLock();
-
- ixEthDBPortInfo[portID].updateMethod.searchTree = ixEthDBQuery(NULL, query, IX_ETH_DB_FIREWALL_RECORD, MAX_FW_SIZE);
-
- result = ixEthDBNPEUpdateHandler(portID, IX_ETH_DB_FIREWALL_RECORD);
-
- ixEthDBUpdateUnlock();
-
- return result;
-}