1b1b8bc3fSopenharmony_ci/* 2b1b8bc3fSopenharmony_ci * Copyright (c) 2024 Huawei Device Co., Ltd. 3b1b8bc3fSopenharmony_ci * Licensed under the Apache License, Version 2.0 (the "License"); 4b1b8bc3fSopenharmony_ci * you may not use this file except in compliance with the License. 5b1b8bc3fSopenharmony_ci * You may obtain a copy of the License at 6b1b8bc3fSopenharmony_ci * 7b1b8bc3fSopenharmony_ci * http://www.apache.org/licenses/LICENSE-2.0 8b1b8bc3fSopenharmony_ci * 9b1b8bc3fSopenharmony_ci * Unless required by applicable law or agreed to in writing, software 10b1b8bc3fSopenharmony_ci * distributed under the License is distributed on an "AS IS" BASIS, 11b1b8bc3fSopenharmony_ci * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12b1b8bc3fSopenharmony_ci * See the License for the specific language governing permissions and 13b1b8bc3fSopenharmony_ci * limitations under the License. 14b1b8bc3fSopenharmony_ci */ 15b1b8bc3fSopenharmony_ci 16b1b8bc3fSopenharmony_ci#ifndef NETMANAGER_EXT_NET_FIREWALL_BITMAP_MANAGER_H 17b1b8bc3fSopenharmony_ci#define NETMANAGER_EXT_NET_FIREWALL_BITMAP_MANAGER_H 18b1b8bc3fSopenharmony_ci 19b1b8bc3fSopenharmony_ci#include <securec.h> 20b1b8bc3fSopenharmony_ci#include <stdint.h> 21b1b8bc3fSopenharmony_ci#include <string> 22b1b8bc3fSopenharmony_ci#include <unordered_map> 23b1b8bc3fSopenharmony_ci#include <utility> 24b1b8bc3fSopenharmony_ci 25b1b8bc3fSopenharmony_ci#include "netfirewall/netfirewall_def.h" 26b1b8bc3fSopenharmony_ci#include "netfirewall_parcel.h" 27b1b8bc3fSopenharmony_ci 28b1b8bc3fSopenharmony_cinamespace OHOS::NetManagerStandard { 29b1b8bc3fSopenharmony_cienum NetFirewallError { 30b1b8bc3fSopenharmony_ci NETFIREWALL_SUCCESS = 0, 31b1b8bc3fSopenharmony_ci NETFIREWALL_ERR, 32b1b8bc3fSopenharmony_ci NETFIREWALL_IP_STR_ERR, 33b1b8bc3fSopenharmony_ci NETFIREWALL_MASK_ERR, 34b1b8bc3fSopenharmony_ci NETFIREWALL_FAMILY_ERR, 35b1b8bc3fSopenharmony_ci NETFIREWALL_EMPTY_ERR, 36b1b8bc3fSopenharmony_ci}; 37b1b8bc3fSopenharmony_ci 38b1b8bc3fSopenharmony_ciclass Bitmap { 39b1b8bc3fSopenharmony_cipublic: 40b1b8bc3fSopenharmony_ci Bitmap(); 41b1b8bc3fSopenharmony_ci 42b1b8bc3fSopenharmony_ci explicit Bitmap(uint32_t n); 43b1b8bc3fSopenharmony_ci 44b1b8bc3fSopenharmony_ci Bitmap(const Bitmap &other); 45b1b8bc3fSopenharmony_ci 46b1b8bc3fSopenharmony_ci ~Bitmap() = default; 47b1b8bc3fSopenharmony_ci 48b1b8bc3fSopenharmony_ci void Clear(); 49b1b8bc3fSopenharmony_ci 50b1b8bc3fSopenharmony_ci /** 51b1b8bc3fSopenharmony_ci * set bit of index n to 1 52b1b8bc3fSopenharmony_ci * 53b1b8bc3fSopenharmony_ci * @param n bit index 54b1b8bc3fSopenharmony_ci */ 55b1b8bc3fSopenharmony_ci void Set(uint32_t n); 56b1b8bc3fSopenharmony_ci 57b1b8bc3fSopenharmony_ci /** 58b1b8bc3fSopenharmony_ci * get bitmap hash code 59b1b8bc3fSopenharmony_ci * 60b1b8bc3fSopenharmony_ci * @return hash code 61b1b8bc3fSopenharmony_ci */ 62b1b8bc3fSopenharmony_ci uint64_t SpecialHash() const; 63b1b8bc3fSopenharmony_ci 64b1b8bc3fSopenharmony_ci /** 65b1b8bc3fSopenharmony_ci * get bitmap memory address 66b1b8bc3fSopenharmony_ci * 67b1b8bc3fSopenharmony_ci * @return address 68b1b8bc3fSopenharmony_ci */ 69b1b8bc3fSopenharmony_ci uint32_t *Get(); 70b1b8bc3fSopenharmony_ci 71b1b8bc3fSopenharmony_ci /** 72b1b8bc3fSopenharmony_ci * and by bit 73b1b8bc3fSopenharmony_ci * 74b1b8bc3fSopenharmony_ci * @param other rule bitmap 75b1b8bc3fSopenharmony_ci */ 76b1b8bc3fSopenharmony_ci void And(const Bitmap &other); 77b1b8bc3fSopenharmony_ci 78b1b8bc3fSopenharmony_ci /** 79b1b8bc3fSopenharmony_ci * or by bit 80b1b8bc3fSopenharmony_ci * 81b1b8bc3fSopenharmony_ci * @param other rule bitmap 82b1b8bc3fSopenharmony_ci */ 83b1b8bc3fSopenharmony_ci void Or(const Bitmap &other); 84b1b8bc3fSopenharmony_ci 85b1b8bc3fSopenharmony_ci bool operator == (const Bitmap &other) const; 86b1b8bc3fSopenharmony_ci 87b1b8bc3fSopenharmony_ci Bitmap &operator = (const Bitmap &other); 88b1b8bc3fSopenharmony_ci 89b1b8bc3fSopenharmony_ciprivate: 90b1b8bc3fSopenharmony_ci /** 91b1b8bc3fSopenharmony_ci * get uin32_t hash, use thomas Wang's 32 bit Mix Function 92b1b8bc3fSopenharmony_ci * 93b1b8bc3fSopenharmony_ci * @param key input uin32_t number 94b1b8bc3fSopenharmony_ci * @return hash number 95b1b8bc3fSopenharmony_ci */ 96b1b8bc3fSopenharmony_ci uint32_t GetHash(uint32_t key) const; 97b1b8bc3fSopenharmony_ci 98b1b8bc3fSopenharmony_ciprivate: 99b1b8bc3fSopenharmony_ci bitmap_t bitmap_; 100b1b8bc3fSopenharmony_ci}; 101b1b8bc3fSopenharmony_ci 102b1b8bc3fSopenharmony_citemplate <class T> class BpfUnorderedMap { 103b1b8bc3fSopenharmony_cipublic: 104b1b8bc3fSopenharmony_ci /** 105b1b8bc3fSopenharmony_ci * if key is not exist in map insert value, or get value or with input value 106b1b8bc3fSopenharmony_ci * 107b1b8bc3fSopenharmony_ci * @param key input key 108b1b8bc3fSopenharmony_ci * @param val rule bitmap 109b1b8bc3fSopenharmony_ci */ 110b1b8bc3fSopenharmony_ci void OrInsert(const T &key, const Bitmap &val) 111b1b8bc3fSopenharmony_ci { 112b1b8bc3fSopenharmony_ci auto it = map_.find(key); 113b1b8bc3fSopenharmony_ci if (it == map_.end()) { 114b1b8bc3fSopenharmony_ci map_.insert(std::make_pair(key, Bitmap(val))); 115b1b8bc3fSopenharmony_ci } else { 116b1b8bc3fSopenharmony_ci it->second.Or(val); 117b1b8bc3fSopenharmony_ci } 118b1b8bc3fSopenharmony_ci } 119b1b8bc3fSopenharmony_ci 120b1b8bc3fSopenharmony_ci /** 121b1b8bc3fSopenharmony_ci * set all value of map or with input bitmap 122b1b8bc3fSopenharmony_ci * 123b1b8bc3fSopenharmony_ci * @param other rule bitmap 124b1b8bc3fSopenharmony_ci */ 125b1b8bc3fSopenharmony_ci void OrForEach(const Bitmap &other) 126b1b8bc3fSopenharmony_ci { 127b1b8bc3fSopenharmony_ci auto it = map_.begin(); 128b1b8bc3fSopenharmony_ci for (; it != map_.end(); ++it) { 129b1b8bc3fSopenharmony_ci it->second.Or(other); 130b1b8bc3fSopenharmony_ci } 131b1b8bc3fSopenharmony_ci } 132b1b8bc3fSopenharmony_ci 133b1b8bc3fSopenharmony_ci int32_t Delete(const T &key) 134b1b8bc3fSopenharmony_ci { 135b1b8bc3fSopenharmony_ci return map_.erase(key); 136b1b8bc3fSopenharmony_ci } 137b1b8bc3fSopenharmony_ci 138b1b8bc3fSopenharmony_ci void Clear() 139b1b8bc3fSopenharmony_ci { 140b1b8bc3fSopenharmony_ci map_.clear(); 141b1b8bc3fSopenharmony_ci } 142b1b8bc3fSopenharmony_ci 143b1b8bc3fSopenharmony_ci std::unordered_map<T, Bitmap> &Get() 144b1b8bc3fSopenharmony_ci { 145b1b8bc3fSopenharmony_ci return map_; 146b1b8bc3fSopenharmony_ci } 147b1b8bc3fSopenharmony_ci 148b1b8bc3fSopenharmony_ci bool Empty() 149b1b8bc3fSopenharmony_ci { 150b1b8bc3fSopenharmony_ci return map_.empty(); 151b1b8bc3fSopenharmony_ci } 152b1b8bc3fSopenharmony_ci 153b1b8bc3fSopenharmony_ciprivate: 154b1b8bc3fSopenharmony_ci std::unordered_map<T, Bitmap> map_; 155b1b8bc3fSopenharmony_ci}; 156b1b8bc3fSopenharmony_ci 157b1b8bc3fSopenharmony_cistruct BitmapHash { 158b1b8bc3fSopenharmony_ci uint64_t operator () (const Bitmap &bitmap) const 159b1b8bc3fSopenharmony_ci { 160b1b8bc3fSopenharmony_ci return bitmap.SpecialHash(); 161b1b8bc3fSopenharmony_ci } 162b1b8bc3fSopenharmony_ci}; 163b1b8bc3fSopenharmony_ci 164b1b8bc3fSopenharmony_ciconst uint32_t BIT_PER_BYTE = 8; 165b1b8bc3fSopenharmony_ciconst uint32_t IPV6_BIT_COUNT = 128; 166b1b8bc3fSopenharmony_ciconst uint32_t IPV4_BIT_COUNT = 32; 167b1b8bc3fSopenharmony_ciconst uint32_t IPV6_BYTE_COUNT = 16; 168b1b8bc3fSopenharmony_ciconst uint32_t IPV6_SEGMENT_COUNT = 8; 169b1b8bc3fSopenharmony_ciconst uint32_t VALUE_ONE = 1; 170b1b8bc3fSopenharmony_ci 171b1b8bc3fSopenharmony_cistruct Ip4Data { 172b1b8bc3fSopenharmony_ci uint32_t mask; 173b1b8bc3fSopenharmony_ci uint32_t data; // Host Long ip 174b1b8bc3fSopenharmony_ci}; 175b1b8bc3fSopenharmony_ci 176b1b8bc3fSopenharmony_cistruct Ip6Data { 177b1b8bc3fSopenharmony_ci uint32_t prefixlen; 178b1b8bc3fSopenharmony_ci in6_addr data; 179b1b8bc3fSopenharmony_ci}; 180b1b8bc3fSopenharmony_ci 181b1b8bc3fSopenharmony_ciclass IpParamParser { 182b1b8bc3fSopenharmony_cipublic: 183b1b8bc3fSopenharmony_ci IpParamParser() = default; 184b1b8bc3fSopenharmony_ci 185b1b8bc3fSopenharmony_ci /** 186b1b8bc3fSopenharmony_ci * convert ip4segment to ip4 and mask list 187b1b8bc3fSopenharmony_ci * 188b1b8bc3fSopenharmony_ci * @param startAddr start ip 189b1b8bc3fSopenharmony_ci * @param endAddr end ip 190b1b8bc3fSopenharmony_ci * @param list output vector 191b1b8bc3fSopenharmony_ci * @return success:return NETFIREWALL_SUCCESS, otherwise return error code 192b1b8bc3fSopenharmony_ci */ 193b1b8bc3fSopenharmony_ci static int32_t GetIp4AndMask(const in_addr &startAddr, const in_addr &endAddr, std::vector<Ip4Data> &list); 194b1b8bc3fSopenharmony_ci 195b1b8bc3fSopenharmony_ci /** 196b1b8bc3fSopenharmony_ci * convert ip4 string to uint32_t of network byte order 197b1b8bc3fSopenharmony_ci * 198b1b8bc3fSopenharmony_ci * @param address ip4 string 199b1b8bc3fSopenharmony_ci * @param ipInt ip4 200b1b8bc3fSopenharmony_ci * @return success:NETFIREWALL_SUCCESS, fail:NETFIREWALL_IP_STR_ERR 201b1b8bc3fSopenharmony_ci */ 202b1b8bc3fSopenharmony_ci static int32_t GetIpUint32(const std::string &address, uint32_t &ipInt); 203b1b8bc3fSopenharmony_ci 204b1b8bc3fSopenharmony_ci static std::string Ip4ToStr(uint32_t ip); 205b1b8bc3fSopenharmony_ci 206b1b8bc3fSopenharmony_ci /** 207b1b8bc3fSopenharmony_ci * save ip4 and mask to vector 208b1b8bc3fSopenharmony_ci * 209b1b8bc3fSopenharmony_ci * @param ip uint32_t of Network byte order 210b1b8bc3fSopenharmony_ci * @param mask ip4 mask 211b1b8bc3fSopenharmony_ci * @param ip4Vec out put vector 212b1b8bc3fSopenharmony_ci */ 213b1b8bc3fSopenharmony_ci 214b1b8bc3fSopenharmony_ci static void AddIp(uint32_t ip, uint32_t mask, std::vector<Ip4Data> &ip4Vec); 215b1b8bc3fSopenharmony_ci 216b1b8bc3fSopenharmony_ci /** 217b1b8bc3fSopenharmony_ci * get biggest mask from startIp and endIp 218b1b8bc3fSopenharmony_ci * 219b1b8bc3fSopenharmony_ci * @param startIp start ip 220b1b8bc3fSopenharmony_ci * @param endIp end ip 221b1b8bc3fSopenharmony_ci * @return ip mask 222b1b8bc3fSopenharmony_ci */ 223b1b8bc3fSopenharmony_ci 224b1b8bc3fSopenharmony_ci static uint32_t GetMask(uint32_t startIp, uint32_t endIp); 225b1b8bc3fSopenharmony_ci 226b1b8bc3fSopenharmony_ci /** 227b1b8bc3fSopenharmony_ci * find value of bit from ip4 uint32_t from right to left 228b1b8bc3fSopenharmony_ci * 229b1b8bc3fSopenharmony_ci * @param ip uint32_t of Network byte order 230b1b8bc3fSopenharmony_ci * @param start start index 231b1b8bc3fSopenharmony_ci * @param end end index 232b1b8bc3fSopenharmony_ci * @param value find value 0 or 1 233b1b8bc3fSopenharmony_ci * @return if founded return bit index of ip, otherwise return IPV4_BIT_COUNT 234b1b8bc3fSopenharmony_ci */ 235b1b8bc3fSopenharmony_ci static uint32_t Rfind(uint32_t ip, uint32_t start, uint32_t end, uint32_t value); 236b1b8bc3fSopenharmony_ci 237b1b8bc3fSopenharmony_ci /** 238b1b8bc3fSopenharmony_ci * find value of bit from ip4 uint32_t from right to left 239b1b8bc3fSopenharmony_ci * 240b1b8bc3fSopenharmony_ci * @param ip uint32_t of Network byte order 241b1b8bc3fSopenharmony_ci * @param start start index 242b1b8bc3fSopenharmony_ci * @param value find value 0 or 1 243b1b8bc3fSopenharmony_ci * @return if founded return bit index of ip, otherwise return IPV4_BIT_COUNT 244b1b8bc3fSopenharmony_ci */ 245b1b8bc3fSopenharmony_ci static uint32_t Find(uint32_t ip, uint32_t start, uint32_t value); 246b1b8bc3fSopenharmony_ci 247b1b8bc3fSopenharmony_ci /** 248b1b8bc3fSopenharmony_ci * get broadcast ip from mask and ip, set ip to next ip of broadcast 249b1b8bc3fSopenharmony_ci * 250b1b8bc3fSopenharmony_ci * @param mask ip4 mask 251b1b8bc3fSopenharmony_ci * @param ip input and output 252b1b8bc3fSopenharmony_ci */ 253b1b8bc3fSopenharmony_ci static void ChangeStart(uint32_t mask, uint32_t &ip); 254b1b8bc3fSopenharmony_ci 255b1b8bc3fSopenharmony_ci /** 256b1b8bc3fSopenharmony_ci * convert ip6segment to ip6 and mask list 257b1b8bc3fSopenharmony_ci * 258b1b8bc3fSopenharmony_ci * @param addr6Start start ip 259b1b8bc3fSopenharmony_ci * @param addr6End end ip 260b1b8bc3fSopenharmony_ci * @param list output vector 261b1b8bc3fSopenharmony_ci * @return if successed:return NETFIREWALL_SUCCESS, otherwise return error code 262b1b8bc3fSopenharmony_ci */ 263b1b8bc3fSopenharmony_ci static int32_t GetIp6AndMask(const in6_addr &addr6Start, const in6_addr &addr6End, std::vector<Ip6Data> &list); 264b1b8bc3fSopenharmony_ci 265b1b8bc3fSopenharmony_ci static std::string Addr6ToStr(const in6_addr &v6Addr); 266b1b8bc3fSopenharmony_ci 267b1b8bc3fSopenharmony_ci /** 268b1b8bc3fSopenharmony_ci * convert ip6 string to in6_addr of Network byte order 269b1b8bc3fSopenharmony_ci * 270b1b8bc3fSopenharmony_ci * @param ipStr ip6 string 271b1b8bc3fSopenharmony_ci * @param addr output ip6 272b1b8bc3fSopenharmony_ci * @return success:NETFIREWALL_SUCCESS, fail:NETFIREWALL_IP_STR_ERR 273b1b8bc3fSopenharmony_ci */ 274b1b8bc3fSopenharmony_ci static int32_t GetInAddr6(const std::string &ipStr, in6_addr &addr); 275b1b8bc3fSopenharmony_ci 276b1b8bc3fSopenharmony_ci /** 277b1b8bc3fSopenharmony_ci * get biggest prefixlen from start ip and end ip 278b1b8bc3fSopenharmony_ci * 279b1b8bc3fSopenharmony_ci * @param start start ip 280b1b8bc3fSopenharmony_ci * @param end end ip 281b1b8bc3fSopenharmony_ci * @return ip6 prefixlen 282b1b8bc3fSopenharmony_ci */ 283b1b8bc3fSopenharmony_ci static uint32_t GetIp6Prefixlen(const in6_addr &start, const in6_addr &end); 284b1b8bc3fSopenharmony_ci 285b1b8bc3fSopenharmony_ci /** 286b1b8bc3fSopenharmony_ci * save ip6 and prefixlen to vector 287b1b8bc3fSopenharmony_ci * 288b1b8bc3fSopenharmony_ci * @param addr ip6 data 289b1b8bc3fSopenharmony_ci * @param prefixlen ip6 prefixlen 290b1b8bc3fSopenharmony_ci * @param list output vector 291b1b8bc3fSopenharmony_ci */ 292b1b8bc3fSopenharmony_ci static void AddIp6(const in6_addr &addr, uint32_t prefixlen, std::vector<Ip6Data> &list); 293b1b8bc3fSopenharmony_ci 294b1b8bc3fSopenharmony_ci /** 295b1b8bc3fSopenharmony_ci * get broadcast ip6 from ip6 and start bit of ip6, set ip to next ip of broadcast 296b1b8bc3fSopenharmony_ci * 297b1b8bc3fSopenharmony_ci * @param startBit start bit of ip6 298b1b8bc3fSopenharmony_ci * @param start input and output 299b1b8bc3fSopenharmony_ci */ 300b1b8bc3fSopenharmony_ci static void ChangeIp6Start(uint32_t startBit, in6_addr &start); 301b1b8bc3fSopenharmony_ci 302b1b8bc3fSopenharmony_ci /** 303b1b8bc3fSopenharmony_ci * find value of bit from ip6 from right to left 304b1b8bc3fSopenharmony_ci * 305b1b8bc3fSopenharmony_ci * @param addr in6_addr of Network byte order 306b1b8bc3fSopenharmony_ci * @param startBit start index of bit 307b1b8bc3fSopenharmony_ci * @param endBit end index of bit 308b1b8bc3fSopenharmony_ci * @param value find value 0 or 1 309b1b8bc3fSopenharmony_ci * @return if founded return index of bit of addr, otherwise return IPV6_BIT_COUNT 310b1b8bc3fSopenharmony_ci */ 311b1b8bc3fSopenharmony_ci static uint32_t RfindIp6(const in6_addr &addr, uint32_t startBit, uint32_t endBit, uint8_t value); 312b1b8bc3fSopenharmony_ci 313b1b8bc3fSopenharmony_ci /** 314b1b8bc3fSopenharmony_ci * find value of bit from ip6 from right to left 315b1b8bc3fSopenharmony_ci * 316b1b8bc3fSopenharmony_ci * @param addr in6_addr of Network byte order 317b1b8bc3fSopenharmony_ci * @param startBit start index of bit 318b1b8bc3fSopenharmony_ci * @param value find value 0 or 1 319b1b8bc3fSopenharmony_ci * @return if founded return bit index of addr, otherwise return IPV6_BIT_COUNT 320b1b8bc3fSopenharmony_ci */ 321b1b8bc3fSopenharmony_ci static uint32_t FindIp6(const in6_addr &addr, uint32_t startBit, uint8_t value); 322b1b8bc3fSopenharmony_ci}; 323b1b8bc3fSopenharmony_ci 324b1b8bc3fSopenharmony_cistruct Ip4RuleBitmap { 325b1b8bc3fSopenharmony_ci uint32_t mask; 326b1b8bc3fSopenharmony_ci uint32_t data; // Network ip 327b1b8bc3fSopenharmony_ci Bitmap bitmap; 328b1b8bc3fSopenharmony_ci}; 329b1b8bc3fSopenharmony_ci 330b1b8bc3fSopenharmony_cistruct Ip6RuleBitmap { 331b1b8bc3fSopenharmony_ci uint32_t prefixlen; 332b1b8bc3fSopenharmony_ci in6_addr data; 333b1b8bc3fSopenharmony_ci Bitmap bitmap; 334b1b8bc3fSopenharmony_ci}; 335b1b8bc3fSopenharmony_ci 336b1b8bc3fSopenharmony_ciusing Ip4RuleBitmapVector = std::vector<Ip4RuleBitmap>; 337b1b8bc3fSopenharmony_ciusing Ip6RuleBitmapVector = std::vector<Ip6RuleBitmap>; 338b1b8bc3fSopenharmony_ci 339b1b8bc3fSopenharmony_ciclass Ip4RuleMap { 340b1b8bc3fSopenharmony_cipublic: 341b1b8bc3fSopenharmony_ci /** 342b1b8bc3fSopenharmony_ci * set all bitmap of vector or with input bitmap 343b1b8bc3fSopenharmony_ci * 344b1b8bc3fSopenharmony_ci * @param bitmap rule bitmap 345b1b8bc3fSopenharmony_ci */ 346b1b8bc3fSopenharmony_ci void OrForEach(const Bitmap &bitmap) 347b1b8bc3fSopenharmony_ci { 348b1b8bc3fSopenharmony_ci auto it = ruleBitmapVec_.begin(); 349b1b8bc3fSopenharmony_ci for (; it != ruleBitmapVec_.end(); ++it) { 350b1b8bc3fSopenharmony_ci it->bitmap.Or(bitmap); 351b1b8bc3fSopenharmony_ci } 352b1b8bc3fSopenharmony_ci } 353b1b8bc3fSopenharmony_ci 354b1b8bc3fSopenharmony_ci /** 355b1b8bc3fSopenharmony_ci * if addr and mask not exist in vector, save value to vector, otherwise or bitmap 356b1b8bc3fSopenharmony_ci * 357b1b8bc3fSopenharmony_ci * @param addr Network ip 358b1b8bc3fSopenharmony_ci * @param mask ip mask 359b1b8bc3fSopenharmony_ci * @param bitmap rule bitmap 360b1b8bc3fSopenharmony_ci */ 361b1b8bc3fSopenharmony_ci void OrInsert(uint32_t addr, uint32_t mask, Bitmap &bitmap) 362b1b8bc3fSopenharmony_ci { 363b1b8bc3fSopenharmony_ci std::vector<Ip4RuleBitmapVector::iterator> matches; 364b1b8bc3fSopenharmony_ci uint32_t networkAddr = GetNetworkAddress(addr, mask); 365b1b8bc3fSopenharmony_ci for (auto it = ruleBitmapVec_.begin(); it != ruleBitmapVec_.end(); ++it) { 366b1b8bc3fSopenharmony_ci if (it->data == addr || GetNetworkAddress(it->data, it->mask) == networkAddr) { 367b1b8bc3fSopenharmony_ci matches.emplace_back(it); 368b1b8bc3fSopenharmony_ci } 369b1b8bc3fSopenharmony_ci } 370b1b8bc3fSopenharmony_ci if (matches.empty()) { 371b1b8bc3fSopenharmony_ci Ip4RuleBitmap ruleBitmap; 372b1b8bc3fSopenharmony_ci ruleBitmap.data = addr; 373b1b8bc3fSopenharmony_ci ruleBitmap.mask = mask; 374b1b8bc3fSopenharmony_ci ruleBitmap.bitmap = bitmap; 375b1b8bc3fSopenharmony_ci ruleBitmapVec_.emplace_back(std::move(ruleBitmap)); 376b1b8bc3fSopenharmony_ci } else { 377b1b8bc3fSopenharmony_ci for (const auto &it : matches) { 378b1b8bc3fSopenharmony_ci it->bitmap.Or(bitmap); 379b1b8bc3fSopenharmony_ci } 380b1b8bc3fSopenharmony_ci } 381b1b8bc3fSopenharmony_ci } 382b1b8bc3fSopenharmony_ci 383b1b8bc3fSopenharmony_ci void Clear() 384b1b8bc3fSopenharmony_ci { 385b1b8bc3fSopenharmony_ci ruleBitmapVec_.clear(); 386b1b8bc3fSopenharmony_ci } 387b1b8bc3fSopenharmony_ci 388b1b8bc3fSopenharmony_ci std::vector<Ip4RuleBitmap> &Get() 389b1b8bc3fSopenharmony_ci { 390b1b8bc3fSopenharmony_ci return ruleBitmapVec_; 391b1b8bc3fSopenharmony_ci } 392b1b8bc3fSopenharmony_ci 393b1b8bc3fSopenharmony_ciprivate: 394b1b8bc3fSopenharmony_ci /** 395b1b8bc3fSopenharmony_ci * get value from ip & mask by network byte order 396b1b8bc3fSopenharmony_ci * 397b1b8bc3fSopenharmony_ci * @param addr ip 398b1b8bc3fSopenharmony_ci * @param mask ip mask 399b1b8bc3fSopenharmony_ci * @return mask uint32 value by network byte order 400b1b8bc3fSopenharmony_ci */ 401b1b8bc3fSopenharmony_ci inline uint32_t GetNetworkAddress(uint32_t addr, uint32_t mask) 402b1b8bc3fSopenharmony_ci { 403b1b8bc3fSopenharmony_ci return ntohl(addr) & (0xFFFFFFFF >> (IPV4_MAX_PREFIXLEN - mask)); 404b1b8bc3fSopenharmony_ci } 405b1b8bc3fSopenharmony_ci 406b1b8bc3fSopenharmony_ciprivate: 407b1b8bc3fSopenharmony_ci std::vector<Ip4RuleBitmap> ruleBitmapVec_; 408b1b8bc3fSopenharmony_ci}; 409b1b8bc3fSopenharmony_ci 410b1b8bc3fSopenharmony_ciclass Ip6RuleMap { 411b1b8bc3fSopenharmony_cipublic: 412b1b8bc3fSopenharmony_ci /** 413b1b8bc3fSopenharmony_ci * set all bitmap of vector or with input bitmap 414b1b8bc3fSopenharmony_ci * 415b1b8bc3fSopenharmony_ci * @param bitmap rule bitmap 416b1b8bc3fSopenharmony_ci */ 417b1b8bc3fSopenharmony_ci void OrForEach(const Bitmap &bitmap) 418b1b8bc3fSopenharmony_ci { 419b1b8bc3fSopenharmony_ci auto it = ruleBitmapVec_.begin(); 420b1b8bc3fSopenharmony_ci for (; it != ruleBitmapVec_.end(); ++it) { 421b1b8bc3fSopenharmony_ci it->bitmap.Or(bitmap); 422b1b8bc3fSopenharmony_ci } 423b1b8bc3fSopenharmony_ci } 424b1b8bc3fSopenharmony_ci 425b1b8bc3fSopenharmony_ci /** 426b1b8bc3fSopenharmony_ci * if addr and prefixlen not exist in vector, save value to vector, otherwise or bitmap 427b1b8bc3fSopenharmony_ci * 428b1b8bc3fSopenharmony_ci * @param addr ip6 429b1b8bc3fSopenharmony_ci * @param prefixlen ip6 prefixlen 430b1b8bc3fSopenharmony_ci * @param bitmap rule bitmap 431b1b8bc3fSopenharmony_ci */ 432b1b8bc3fSopenharmony_ci void OrInsert(const in6_addr &addr, uint32_t prefixlen, Bitmap &bitmap) 433b1b8bc3fSopenharmony_ci { 434b1b8bc3fSopenharmony_ci std::vector<Ip6RuleBitmapVector::iterator> matches; 435b1b8bc3fSopenharmony_ci in6_addr networkAddr = {}; 436b1b8bc3fSopenharmony_ci GetNetworkAddress(addr, prefixlen, networkAddr); 437b1b8bc3fSopenharmony_ci for (auto it = ruleBitmapVec_.begin(); it != ruleBitmapVec_.end(); ++it) { 438b1b8bc3fSopenharmony_ci in6_addr otherNetworkAddr = {}; 439b1b8bc3fSopenharmony_ci GetNetworkAddress(it->data, it->prefixlen, otherNetworkAddr); 440b1b8bc3fSopenharmony_ci if (!memcmp(&addr, &(it->data), sizeof(in6_addr)) || 441b1b8bc3fSopenharmony_ci !memcmp(&networkAddr, &otherNetworkAddr, sizeof(in6_addr))) { 442b1b8bc3fSopenharmony_ci matches.emplace_back(it); 443b1b8bc3fSopenharmony_ci } 444b1b8bc3fSopenharmony_ci } 445b1b8bc3fSopenharmony_ci if (matches.empty()) { 446b1b8bc3fSopenharmony_ci Ip6RuleBitmap ruleBitmap; 447b1b8bc3fSopenharmony_ci ruleBitmap.data = addr; 448b1b8bc3fSopenharmony_ci ruleBitmap.prefixlen = prefixlen; 449b1b8bc3fSopenharmony_ci ruleBitmap.bitmap = bitmap; 450b1b8bc3fSopenharmony_ci ruleBitmapVec_.emplace_back(std::move(ruleBitmap)); 451b1b8bc3fSopenharmony_ci } else { 452b1b8bc3fSopenharmony_ci for (const auto &it : matches) { 453b1b8bc3fSopenharmony_ci it->bitmap.Or(bitmap); 454b1b8bc3fSopenharmony_ci } 455b1b8bc3fSopenharmony_ci } 456b1b8bc3fSopenharmony_ci } 457b1b8bc3fSopenharmony_ci 458b1b8bc3fSopenharmony_ci void Clear() 459b1b8bc3fSopenharmony_ci { 460b1b8bc3fSopenharmony_ci ruleBitmapVec_.clear(); 461b1b8bc3fSopenharmony_ci } 462b1b8bc3fSopenharmony_ci 463b1b8bc3fSopenharmony_ci std::vector<Ip6RuleBitmap> &Get() 464b1b8bc3fSopenharmony_ci { 465b1b8bc3fSopenharmony_ci return ruleBitmapVec_; 466b1b8bc3fSopenharmony_ci } 467b1b8bc3fSopenharmony_ci 468b1b8bc3fSopenharmony_ciprivate: 469b1b8bc3fSopenharmony_ci void GetNetworkAddress(in6_addr addr, int prefixLen, in6_addr &out) 470b1b8bc3fSopenharmony_ci { 471b1b8bc3fSopenharmony_ci int quotient = prefixLen / 8; 472b1b8bc3fSopenharmony_ci int remainder = prefixLen % 8; 473b1b8bc3fSopenharmony_ci for (int i = 0; i < quotient; i++) { 474b1b8bc3fSopenharmony_ci out.s6_addr[i] = addr.s6_addr[i] & 0xff; 475b1b8bc3fSopenharmony_ci } 476b1b8bc3fSopenharmony_ci if (remainder) { 477b1b8bc3fSopenharmony_ci out.s6_addr[quotient] = addr.s6_addr[quotient] & (~(0xff >> remainder)); 478b1b8bc3fSopenharmony_ci } 479b1b8bc3fSopenharmony_ci } 480b1b8bc3fSopenharmony_ci 481b1b8bc3fSopenharmony_ciprivate: 482b1b8bc3fSopenharmony_ci std::vector<Ip6RuleBitmap> ruleBitmapVec_; 483b1b8bc3fSopenharmony_ci}; 484b1b8bc3fSopenharmony_ci 485b1b8bc3fSopenharmony_cistruct SegmentBitmap { 486b1b8bc3fSopenharmony_ci uint16_t start; 487b1b8bc3fSopenharmony_ci uint16_t end; 488b1b8bc3fSopenharmony_ci Bitmap bitmap; 489b1b8bc3fSopenharmony_ci}; 490b1b8bc3fSopenharmony_ci 491b1b8bc3fSopenharmony_ciclass SegmentBitmapMap { 492b1b8bc3fSopenharmony_cipublic: 493b1b8bc3fSopenharmony_ci SegmentBitmapMap() = default; 494b1b8bc3fSopenharmony_ci 495b1b8bc3fSopenharmony_ci /** 496b1b8bc3fSopenharmony_ci * add segment and rule bitmap map 497b1b8bc3fSopenharmony_ci * 498b1b8bc3fSopenharmony_ci * @param start start of segment 499b1b8bc3fSopenharmony_ci * @param end end of segment 500b1b8bc3fSopenharmony_ci * @param bitmap rule itmap 501b1b8bc3fSopenharmony_ci */ 502b1b8bc3fSopenharmony_ci void AddMap(uint16_t start, uint16_t end, const Bitmap &bitmap) 503b1b8bc3fSopenharmony_ci { 504b1b8bc3fSopenharmony_ci std::vector<uint32_t> indexs; 505b1b8bc3fSopenharmony_ci SearchIntersection(start, end, indexs); 506b1b8bc3fSopenharmony_ci if (indexs.empty()) { 507b1b8bc3fSopenharmony_ci Insert(start, end, bitmap); 508b1b8bc3fSopenharmony_ci return; 509b1b8bc3fSopenharmony_ci } 510b1b8bc3fSopenharmony_ci std::vector<SegmentBitmap> list; 511b1b8bc3fSopenharmony_ci GetMapList(start, end, bitmap, indexs, list); 512b1b8bc3fSopenharmony_ci DeleteSegBitmap(indexs); 513b1b8bc3fSopenharmony_ci AddSegBitmapMap(list); 514b1b8bc3fSopenharmony_ci } 515b1b8bc3fSopenharmony_ci 516b1b8bc3fSopenharmony_ci std::vector<SegmentBitmap> &GetMap() 517b1b8bc3fSopenharmony_ci { 518b1b8bc3fSopenharmony_ci return mapList_; 519b1b8bc3fSopenharmony_ci } 520b1b8bc3fSopenharmony_ci 521b1b8bc3fSopenharmony_ciprivate: 522b1b8bc3fSopenharmony_ci /** 523b1b8bc3fSopenharmony_ci * search input segment intersection in exist map list 524b1b8bc3fSopenharmony_ci * 525b1b8bc3fSopenharmony_ci * @param start start of segment 526b1b8bc3fSopenharmony_ci * @param end end of segment 527b1b8bc3fSopenharmony_ci * @param indexs has intersection index value in exist map 528b1b8bc3fSopenharmony_ci */ 529b1b8bc3fSopenharmony_ci void SearchIntersection(uint16_t start, uint16_t end, std::vector<uint32_t> &indexs) 530b1b8bc3fSopenharmony_ci { 531b1b8bc3fSopenharmony_ci for (size_t i = 0; i < mapList_.size(); ++i) { 532b1b8bc3fSopenharmony_ci if (((start >= mapList_[i].start) && (start <= mapList_[i].end)) || 533b1b8bc3fSopenharmony_ci ((mapList_[i].start >= start) && (mapList_[i].start <= end))) { 534b1b8bc3fSopenharmony_ci indexs.push_back(i); 535b1b8bc3fSopenharmony_ci } 536b1b8bc3fSopenharmony_ci } 537b1b8bc3fSopenharmony_ci } 538b1b8bc3fSopenharmony_ci 539b1b8bc3fSopenharmony_ci void DeleteSegBitmap(std::vector<uint32_t> &indexs) 540b1b8bc3fSopenharmony_ci { 541b1b8bc3fSopenharmony_ci if (indexs.empty()) { 542b1b8bc3fSopenharmony_ci return; 543b1b8bc3fSopenharmony_ci } 544b1b8bc3fSopenharmony_ci auto it = indexs.rbegin(); 545b1b8bc3fSopenharmony_ci for (; it != indexs.rend(); ++it) { 546b1b8bc3fSopenharmony_ci mapList_.erase(mapList_.begin() + *it); 547b1b8bc3fSopenharmony_ci } 548b1b8bc3fSopenharmony_ci } 549b1b8bc3fSopenharmony_ci 550b1b8bc3fSopenharmony_ci /** 551b1b8bc3fSopenharmony_ci * insert segment and bitmap into map lsit 552b1b8bc3fSopenharmony_ci * 553b1b8bc3fSopenharmony_ci * @param start start of segment 554b1b8bc3fSopenharmony_ci * @param end end of segment 555b1b8bc3fSopenharmony_ci * @param bitmap rule bitmap 556b1b8bc3fSopenharmony_ci */ 557b1b8bc3fSopenharmony_ci void Insert(uint16_t start, uint16_t end, const Bitmap &bitmap) 558b1b8bc3fSopenharmony_ci { 559b1b8bc3fSopenharmony_ci SegmentBitmap segBitmap; 560b1b8bc3fSopenharmony_ci segBitmap.start = start; 561b1b8bc3fSopenharmony_ci segBitmap.end = end; 562b1b8bc3fSopenharmony_ci segBitmap.bitmap = bitmap; 563b1b8bc3fSopenharmony_ci std::vector<SegmentBitmap>::iterator it = mapList_.begin(); 564b1b8bc3fSopenharmony_ci for (; it != mapList_.end(); ++it) { 565b1b8bc3fSopenharmony_ci if (start < it->start) { 566b1b8bc3fSopenharmony_ci mapList_.insert(it, segBitmap); 567b1b8bc3fSopenharmony_ci return; 568b1b8bc3fSopenharmony_ci } 569b1b8bc3fSopenharmony_ci } 570b1b8bc3fSopenharmony_ci mapList_.insert(mapList_.end(), segBitmap); 571b1b8bc3fSopenharmony_ci } 572b1b8bc3fSopenharmony_ci 573b1b8bc3fSopenharmony_ci /** 574b1b8bc3fSopenharmony_ci * add segment and bitmap map to vector 575b1b8bc3fSopenharmony_ci * 576b1b8bc3fSopenharmony_ci * @param start start of segment 577b1b8bc3fSopenharmony_ci * @param end end of segment 578b1b8bc3fSopenharmony_ci * @param bitmap rule bitmap 579b1b8bc3fSopenharmony_ci * @param mapList map list 580b1b8bc3fSopenharmony_ci */ 581b1b8bc3fSopenharmony_ci void AddSegBitmap(uint16_t start, uint16_t end, const Bitmap &bitmap, std::vector<SegmentBitmap> &mapList) 582b1b8bc3fSopenharmony_ci { 583b1b8bc3fSopenharmony_ci if (start > end) { 584b1b8bc3fSopenharmony_ci return; 585b1b8bc3fSopenharmony_ci } 586b1b8bc3fSopenharmony_ci SegmentBitmap tmpSegBitmap; 587b1b8bc3fSopenharmony_ci tmpSegBitmap.start = start; 588b1b8bc3fSopenharmony_ci tmpSegBitmap.end = end; 589b1b8bc3fSopenharmony_ci tmpSegBitmap.bitmap = bitmap; 590b1b8bc3fSopenharmony_ci mapList.emplace_back(tmpSegBitmap); 591b1b8bc3fSopenharmony_ci } 592b1b8bc3fSopenharmony_ci 593b1b8bc3fSopenharmony_ci void AddSegBitmapMap(const std::vector<SegmentBitmap> &mapList) 594b1b8bc3fSopenharmony_ci { 595b1b8bc3fSopenharmony_ci auto it = mapList.begin(); 596b1b8bc3fSopenharmony_ci for (; it != mapList.end(); ++it) { 597b1b8bc3fSopenharmony_ci Insert(it->start, it->end, it->bitmap); 598b1b8bc3fSopenharmony_ci } 599b1b8bc3fSopenharmony_ci } 600b1b8bc3fSopenharmony_ci 601b1b8bc3fSopenharmony_ci /** 602b1b8bc3fSopenharmony_ci * merge segment and bitmap map with exit map into new maps 603b1b8bc3fSopenharmony_ci * 604b1b8bc3fSopenharmony_ci * @param start start of segment 605b1b8bc3fSopenharmony_ci * @param end end of segment 606b1b8bc3fSopenharmony_ci * @param bitmap rule bitmap 607b1b8bc3fSopenharmony_ci * @param indexs intersection indexs 608b1b8bc3fSopenharmony_ci * @param list segment and rule bitmap map list 609b1b8bc3fSopenharmony_ci */ 610b1b8bc3fSopenharmony_ci void GetMapList(uint16_t start, uint16_t end, const Bitmap &bitmap, std::vector<uint32_t> &indexs, 611b1b8bc3fSopenharmony_ci std::vector<SegmentBitmap> &list) 612b1b8bc3fSopenharmony_ci { 613b1b8bc3fSopenharmony_ci uint32_t tmpStart = start; 614b1b8bc3fSopenharmony_ci for (auto index : indexs) { 615b1b8bc3fSopenharmony_ci SegmentBitmap &segBitmap = mapList_[index]; 616b1b8bc3fSopenharmony_ci if (tmpStart < segBitmap.start) { 617b1b8bc3fSopenharmony_ci AddSegBitmap(tmpStart, segBitmap.start - 1, bitmap, list); 618b1b8bc3fSopenharmony_ci Bitmap bmap(bitmap); 619b1b8bc3fSopenharmony_ci if (end <= segBitmap.end) { 620b1b8bc3fSopenharmony_ci bmap.Or(segBitmap.bitmap); 621b1b8bc3fSopenharmony_ci AddSegBitmap(segBitmap.start, end, bmap, list); 622b1b8bc3fSopenharmony_ci AddSegBitmap(end + 1, segBitmap.end, segBitmap.bitmap, list); 623b1b8bc3fSopenharmony_ci tmpStart = end + 1; 624b1b8bc3fSopenharmony_ci break; 625b1b8bc3fSopenharmony_ci } else { 626b1b8bc3fSopenharmony_ci bmap.Or(segBitmap.bitmap); 627b1b8bc3fSopenharmony_ci AddSegBitmap(segBitmap.start, segBitmap.end, bmap, list); 628b1b8bc3fSopenharmony_ci tmpStart = segBitmap.end + 1; 629b1b8bc3fSopenharmony_ci } 630b1b8bc3fSopenharmony_ci } else { 631b1b8bc3fSopenharmony_ci if (tmpStart > segBitmap.start) { 632b1b8bc3fSopenharmony_ci AddSegBitmap(segBitmap.start, tmpStart - 1, segBitmap.bitmap, list); 633b1b8bc3fSopenharmony_ci } 634b1b8bc3fSopenharmony_ci Bitmap bmap(bitmap); 635b1b8bc3fSopenharmony_ci if (end <= segBitmap.end) { 636b1b8bc3fSopenharmony_ci bmap.Or(segBitmap.bitmap); 637b1b8bc3fSopenharmony_ci AddSegBitmap(tmpStart, end, bmap, list); 638b1b8bc3fSopenharmony_ci AddSegBitmap(end + 1, segBitmap.end, segBitmap.bitmap, list); 639b1b8bc3fSopenharmony_ci tmpStart = end + 1; 640b1b8bc3fSopenharmony_ci break; 641b1b8bc3fSopenharmony_ci } else { 642b1b8bc3fSopenharmony_ci bmap.Or(segBitmap.bitmap); 643b1b8bc3fSopenharmony_ci AddSegBitmap(tmpStart, segBitmap.end, bmap, list); 644b1b8bc3fSopenharmony_ci tmpStart = segBitmap.end + 1; 645b1b8bc3fSopenharmony_ci } 646b1b8bc3fSopenharmony_ci } 647b1b8bc3fSopenharmony_ci } 648b1b8bc3fSopenharmony_ci if (tmpStart <= end) { 649b1b8bc3fSopenharmony_ci AddSegBitmap(tmpStart, end, bitmap, list); 650b1b8bc3fSopenharmony_ci } 651b1b8bc3fSopenharmony_ci } 652b1b8bc3fSopenharmony_ci 653b1b8bc3fSopenharmony_ciprivate: 654b1b8bc3fSopenharmony_ci std::vector<SegmentBitmap> mapList_; 655b1b8bc3fSopenharmony_ci}; 656b1b8bc3fSopenharmony_ci 657b1b8bc3fSopenharmony_ciusing PortKey = port_key; 658b1b8bc3fSopenharmony_ciusing ProtoKey = proto_key; 659b1b8bc3fSopenharmony_ciusing AppUidKey = appuid_key; 660b1b8bc3fSopenharmony_ciusing UidKey = uid_key; 661b1b8bc3fSopenharmony_ciusing ActionValue = action_val; 662b1b8bc3fSopenharmony_ci 663b1b8bc3fSopenharmony_ciusing BpfStrMap = BpfUnorderedMap<std::string>; 664b1b8bc3fSopenharmony_ciusing BpfPortMap = BpfUnorderedMap<PortKey>; 665b1b8bc3fSopenharmony_ciusing BpfProtoMap = BpfUnorderedMap<ProtoKey>; 666b1b8bc3fSopenharmony_ciusing BpfAppUidMap = BpfUnorderedMap<AppUidKey>; 667b1b8bc3fSopenharmony_ciusing BpfUidMap = BpfUnorderedMap<UidKey>; 668b1b8bc3fSopenharmony_ciusing BpfActionMap = BpfUnorderedMap<action_key>; 669b1b8bc3fSopenharmony_ci 670b1b8bc3fSopenharmony_ciclass BitmapManager { 671b1b8bc3fSopenharmony_cipublic: 672b1b8bc3fSopenharmony_ci BitmapManager() {} 673b1b8bc3fSopenharmony_ci 674b1b8bc3fSopenharmony_ci ~BitmapManager() = default; 675b1b8bc3fSopenharmony_ci 676b1b8bc3fSopenharmony_ci /** 677b1b8bc3fSopenharmony_ci * build firewall rule bitmap map 678b1b8bc3fSopenharmony_ci * 679b1b8bc3fSopenharmony_ci * @param ruleList fire wall list 680b1b8bc3fSopenharmony_ci * @return success: return NETFIREWALL_SUCCESS, otherwise return error code 681b1b8bc3fSopenharmony_ci */ 682b1b8bc3fSopenharmony_ci int32_t BuildBitmapMap(const std::vector<sptr<NetFirewallIpRule>> &ruleList); 683b1b8bc3fSopenharmony_ci 684b1b8bc3fSopenharmony_ci Ip4RuleBitmapVector &GetSrcIp4Map() 685b1b8bc3fSopenharmony_ci { 686b1b8bc3fSopenharmony_ci return srcIp4Map_.Get(); 687b1b8bc3fSopenharmony_ci } 688b1b8bc3fSopenharmony_ci 689b1b8bc3fSopenharmony_ci Ip6RuleBitmapVector &GetSrcIp6Map() 690b1b8bc3fSopenharmony_ci { 691b1b8bc3fSopenharmony_ci return srcIp6Map_.Get(); 692b1b8bc3fSopenharmony_ci } 693b1b8bc3fSopenharmony_ci 694b1b8bc3fSopenharmony_ci Ip4RuleBitmapVector &GetDstIp4Map() 695b1b8bc3fSopenharmony_ci { 696b1b8bc3fSopenharmony_ci return dstIp4Map_.Get(); 697b1b8bc3fSopenharmony_ci } 698b1b8bc3fSopenharmony_ci 699b1b8bc3fSopenharmony_ci Ip6RuleBitmapVector &GetDstIp6Map() 700b1b8bc3fSopenharmony_ci { 701b1b8bc3fSopenharmony_ci return dstIp6Map_.Get(); 702b1b8bc3fSopenharmony_ci } 703b1b8bc3fSopenharmony_ci 704b1b8bc3fSopenharmony_ci BpfPortMap &GetSrcPortMap() 705b1b8bc3fSopenharmony_ci { 706b1b8bc3fSopenharmony_ci return srcPortMap_; 707b1b8bc3fSopenharmony_ci } 708b1b8bc3fSopenharmony_ci 709b1b8bc3fSopenharmony_ci BpfPortMap &GetDstPortMap() 710b1b8bc3fSopenharmony_ci { 711b1b8bc3fSopenharmony_ci return dstPortMap_; 712b1b8bc3fSopenharmony_ci } 713b1b8bc3fSopenharmony_ci 714b1b8bc3fSopenharmony_ci BpfProtoMap &GetProtoMap() 715b1b8bc3fSopenharmony_ci { 716b1b8bc3fSopenharmony_ci return protoMap_; 717b1b8bc3fSopenharmony_ci } 718b1b8bc3fSopenharmony_ci 719b1b8bc3fSopenharmony_ci BpfAppUidMap &GetAppIdMap() 720b1b8bc3fSopenharmony_ci { 721b1b8bc3fSopenharmony_ci return appUidMap_; 722b1b8bc3fSopenharmony_ci } 723b1b8bc3fSopenharmony_ci 724b1b8bc3fSopenharmony_ci BpfUidMap &GetUidMap() 725b1b8bc3fSopenharmony_ci { 726b1b8bc3fSopenharmony_ci return uidMap_; 727b1b8bc3fSopenharmony_ci } 728b1b8bc3fSopenharmony_ci 729b1b8bc3fSopenharmony_ci BpfActionMap &GetActionMap() 730b1b8bc3fSopenharmony_ci { 731b1b8bc3fSopenharmony_ci return actionMap_; 732b1b8bc3fSopenharmony_ci } 733b1b8bc3fSopenharmony_ci 734b1b8bc3fSopenharmony_ci static uint16_t Hltons(uint32_t n); 735b1b8bc3fSopenharmony_ci 736b1b8bc3fSopenharmony_ci static uint16_t Nstohl(uint16_t n); 737b1b8bc3fSopenharmony_ci 738b1b8bc3fSopenharmony_ciprivate: 739b1b8bc3fSopenharmony_ci void Clear(); 740b1b8bc3fSopenharmony_ci 741b1b8bc3fSopenharmony_ci /** 742b1b8bc3fSopenharmony_ci * build firewall rule bitmap map, with element seted 743b1b8bc3fSopenharmony_ci * 744b1b8bc3fSopenharmony_ci * @param ruleList fire wall list 745b1b8bc3fSopenharmony_ci * @return success: return NETFIREWALL_SUCCESS, otherwise return error code 746b1b8bc3fSopenharmony_ci */ 747b1b8bc3fSopenharmony_ci int32_t BuildMarkBitmap(const std::vector<sptr<NetFirewallIpRule>> &ruleList); 748b1b8bc3fSopenharmony_ci 749b1b8bc3fSopenharmony_ci /** 750b1b8bc3fSopenharmony_ci * build firewall rule bitmap map, with element not seted 751b1b8bc3fSopenharmony_ci * 752b1b8bc3fSopenharmony_ci * @param ruleList fire wall list 753b1b8bc3fSopenharmony_ci * @return success: return NETFIREWALL_SUCCESS, otherwise return error code 754b1b8bc3fSopenharmony_ci */ 755b1b8bc3fSopenharmony_ci void BuildNoMarkBitmap(const std::vector<sptr<NetFirewallIpRule>> &ruleList); 756b1b8bc3fSopenharmony_ci 757b1b8bc3fSopenharmony_ci /** 758b1b8bc3fSopenharmony_ci * insert ip and rule bitmap map 759b1b8bc3fSopenharmony_ci * 760b1b8bc3fSopenharmony_ci * @param ipInfo ip info 761b1b8bc3fSopenharmony_ci * @param isSrc true: Source, false: local 762b1b8bc3fSopenharmony_ci * @param bitmap rule bitmap 763b1b8bc3fSopenharmony_ci * @return success: return NETFIREWALL_SUCCESS, otherwise return error code 764b1b8bc3fSopenharmony_ci */ 765b1b8bc3fSopenharmony_ci int32_t InsertIpBitmap(const std::vector<NetFirewallIpParam> &ipInfo, bool isSrc, Bitmap &bitmap); 766b1b8bc3fSopenharmony_ci 767b1b8bc3fSopenharmony_ci /** 768b1b8bc3fSopenharmony_ci * convect port segement map to single port map 769b1b8bc3fSopenharmony_ci * 770b1b8bc3fSopenharmony_ci * @param portSegMap segment port and rule bitmap map 771b1b8bc3fSopenharmony_ci * @param portMap output single port and rule bitmap map 772b1b8bc3fSopenharmony_ci * @return success: return NETFIREWALL_SUCCESS, otherwise return error code 773b1b8bc3fSopenharmony_ci */ 774b1b8bc3fSopenharmony_ci void OrInsertPortBitmap(SegmentBitmapMap &portSegMap, BpfUnorderedMap<PortKey> &portMap); 775b1b8bc3fSopenharmony_ci 776b1b8bc3fSopenharmony_ci /** 777b1b8bc3fSopenharmony_ci * judge protocols if need port map 778b1b8bc3fSopenharmony_ci * 779b1b8bc3fSopenharmony_ci * @param protocol transform protoco 780b1b8bc3fSopenharmony_ci * @return true: not need; false: needed 781b1b8bc3fSopenharmony_ci */ 782b1b8bc3fSopenharmony_ci bool IsNotNeedPort(NetworkProtocol protocol); 783b1b8bc3fSopenharmony_ci 784b1b8bc3fSopenharmony_ci /** 785b1b8bc3fSopenharmony_ci * insert ip6 segment and bitmap map 786b1b8bc3fSopenharmony_ci * 787b1b8bc3fSopenharmony_ci * @param item ip info 788b1b8bc3fSopenharmony_ci * @param bitmap rule bitmap 789b1b8bc3fSopenharmony_ci * @param ip6Map ip6 and rule bitmap map 790b1b8bc3fSopenharmony_ci * @return success: return NETFIREWALL_SUCCESS, otherwise return error code 791b1b8bc3fSopenharmony_ci */ 792b1b8bc3fSopenharmony_ci int32_t InsertIp6SegBitmap(const NetFirewallIpParam &item, Bitmap &bitmap, Ip6RuleMap *ip6Map); 793b1b8bc3fSopenharmony_ci 794b1b8bc3fSopenharmony_ci /** 795b1b8bc3fSopenharmony_ci * insert ip4 segment and bitmap map 796b1b8bc3fSopenharmony_ci * 797b1b8bc3fSopenharmony_ci * @param item ip info 798b1b8bc3fSopenharmony_ci * @param bitmap rule bitmap 799b1b8bc3fSopenharmony_ci * @param ip4Map ip4 and rule bitmap map 800b1b8bc3fSopenharmony_ci * @return success: return NETFIREWALL_SUCCESS, otherwise return error code 801b1b8bc3fSopenharmony_ci */ 802b1b8bc3fSopenharmony_ci int32_t InsertIp4SegBitmap(const NetFirewallIpParam &item, Bitmap &bitmap, Ip4RuleMap *ip4Map); 803b1b8bc3fSopenharmony_ci 804b1b8bc3fSopenharmony_ci /** 805b1b8bc3fSopenharmony_ci * save port segment and bitmap map to map list 806b1b8bc3fSopenharmony_ci * 807b1b8bc3fSopenharmony_ci * @param port port info 808b1b8bc3fSopenharmony_ci * @param bitmap rule bitmap 809b1b8bc3fSopenharmony_ci * @param portMap port segment and bitmap map list 810b1b8bc3fSopenharmony_ci */ 811b1b8bc3fSopenharmony_ci void AddPortBitmap(const std::vector<NetFirewallPortParam> &port, Bitmap &bitmap, SegmentBitmapMap &portMap); 812b1b8bc3fSopenharmony_ci 813b1b8bc3fSopenharmony_ciprivate: 814b1b8bc3fSopenharmony_ci Ip4RuleMap srcIp4Map_; 815b1b8bc3fSopenharmony_ci Ip4RuleMap dstIp4Map_; 816b1b8bc3fSopenharmony_ci Ip6RuleMap srcIp6Map_; 817b1b8bc3fSopenharmony_ci Ip6RuleMap dstIp6Map_; 818b1b8bc3fSopenharmony_ci BpfPortMap srcPortMap_; 819b1b8bc3fSopenharmony_ci BpfPortMap dstPortMap_; 820b1b8bc3fSopenharmony_ci BpfProtoMap protoMap_; 821b1b8bc3fSopenharmony_ci BpfAppUidMap appUidMap_; 822b1b8bc3fSopenharmony_ci BpfUidMap uidMap_; 823b1b8bc3fSopenharmony_ci BpfActionMap actionMap_; 824b1b8bc3fSopenharmony_ci}; 825b1b8bc3fSopenharmony_ci} // namespace OHOS::NetManagerStandard 826b1b8bc3fSopenharmony_ci#endif /* NETMANAGER_EXT_NET_FIREWALL_BITMAP_MANAGER_H */ 827