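/*
 * Copyright (C) 2021-2022 Huawei Device Co., Ltd.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#ifndef INCLUDE_ROUTE_MANAGER_H
#define INCLUDE_ROUTE_MANAGER_H

#include <linux/netlink.h>
#include <netinet/in.h>

// <mutex>, <string> and <vector> are included directly so this header no longer depends on
// another header pulling them in for std::mutex, std::string and std::vector.
#include <cstdint>
#include <map>
#include <mutex>
#include <string>
#include <vector>

// NOTE(review): `rtmsg` (used by SendRouteToKernel) is not declared by any header included
// directly here; presumably it arrives through netlink_msg.h - confirm.
#include "netlink_msg.h"
#include "network_permission.h"
#include "uid_range.h"

namespace OHOS {
namespace nmd {
/** Sentinel meaning "no UID"; used as the default for the uidStart/uidEnd arguments of UpdateRuleInfo. */
constexpr uid_t INVALID_UID = static_cast<uid_t>(-1);

/**
 * Parameters of one policy-routing rule.
 *
 * The integer members have no default initializers: `RuleInfo r;` leaves them indeterminate,
 * so use `RuleInfo r{}` or assign every field before the struct is handed to the rule helpers.
 */
typedef struct RuleInfo {
    uint32_t ruleTable;
    uint32_t rulePriority;
    uint32_t ruleFwmark;
    uint32_t ruleMask;
    std::string ruleIif;
    std::string ruleOif;
    std::string ruleSrcIp;
    std::string ruleDstIp;
} RuleInfo;

/**
 * Parameters of one route entry.
 *
 * routeTable has no default initializer; see the note on RuleInfo.
 */
typedef struct RouteInfo {
    uint32_t routeTable;
    std::string routeInterfaceName;
    std::string routeDestinationName;
    std::string routeNextHop;
} RouteInfo;

/**
 * Result of ReadAddr/ReadAddrGw.
 *
 * data is a fixed buffer of sizeof(struct in6_addr) bytes, so it can hold an IPv4 or an IPv6
 * address; code filling it must never write more than sizeof(data) bytes. None of the members
 * has a default initializer.
 */
typedef struct InetAddr {
    int32_t family;
    int32_t bitlen;
    int32_t prefixlen;
    uint8_t data[sizeof(struct in6_addr)];
} InetAddr;

/**
 * Static helpers that add, remove and update routes and routing rules.
 *
 * Every public entry point is static and takes no caller identity, and nothing in this header
 * checks who is calling. Authorization therefore has to be enforced by the layer that invokes
 * these methods; the implementation is outside this header.
 */
class RouteManager {
public:
    RouteManager();
    ~RouteManager() = default;

    /**
     * Route table type
     *
     */
    enum TableType {
        INTERFACE,
        VPN_NETWORK,
        LOCAL_NETWORK,
        INTERNAL_DEFAULT,
    };

    /**
     * Add a route to a route table
     *
     * @param tableType Route table type. Must be one of INTERFACE/VPN_NETWORK/LOCAL_NETWORK.
     * @param interfaceName Output network device name of the route item
     * @param destinationName Destination address of route item
     * @param nextHop Gateway address of the route item
     * @param routeRepeat Output flag written by the implementation; by its name it reports that
     *                    the route already existed - confirm against the definition.
     * @return Returns 0, add route table successfully, otherwise it will fail
     */
    static int32_t AddRoute(TableType tableType, const std::string &interfaceName, const std::string &destinationName,
                            const std::string &nextHop, bool& routeRepeat);

    /**
     * Remove a route from a route table
     *
     * @param tableType Route table type. Must be one of INTERFACE/VPN_NETWORK/LOCAL_NETWORK.
     * @param interfaceName Output network device name of the route item
     * @param destinationName Destination address of route item
     * @param nextHop Gateway address of the route item
     * @return Returns 0, remove route table successfully, otherwise it will fail
     */
    static int32_t RemoveRoute(TableType tableType, const std::string &interfaceName,
                               const std::string &destinationName, const std::string &nextHop);

    /**
     * Update a route in a route table
     *
     * @param tableType Route table type. Must be one of INTERFACE/VPN_NETWORK/LOCAL_NETWORK.
     * @param interfaceName Output network device name of the route item
     * @param destinationName Destination address of route item
     * @param nextHop Gateway address of the route item
     * @return Returns 0, update route table successfully, otherwise it will fail
     */
    static int32_t UpdateRoute(TableType tableType, const std::string &interfaceName,
                               const std::string &destinationName, const std::string &nextHop);

    /**
     * Add interface to default network
     *
     * @param interfaceName Output network device name of the route item
     * @param permission Network permission. Must be one of
     *        PERMISSION_NONE/PERMISSION_NETWORK/PERMISSION_SYSTEM.
     * @return Returns 0, add interface to default network successfully, otherwise it will fail
     */
    static int32_t AddInterfaceToDefaultNetwork(const std::string &interfaceName, NetworkPermission permission);

    /**
     * Remove interface from default network
     *
     * @param interfaceName Output network device name of the route item
     * @param permission Network permission. Must be one of
     *        PERMISSION_NONE/PERMISSION_NETWORK/PERMISSION_SYSTEM.
     * @return Returns 0, remove interface from default network successfully, otherwise it will fail
     */
    static int32_t RemoveInterfaceFromDefaultNetwork(const std::string &interfaceName, NetworkPermission permission);

    /**
     * Add interface to physical network
     *
     * @param netId Network number
     * @param interfaceName Output network device name of the route item
     * @param permission Network permission. Must be one of
     *        PERMISSION_NONE/PERMISSION_NETWORK/PERMISSION_SYSTEM.
     * @return Returns 0, add interface to physical network successfully, otherwise it will fail
     */
    static int32_t AddInterfaceToPhysicalNetwork(uint16_t netId, const std::string &interfaceName,
                                                 NetworkPermission permission);

    /**
     * Remove interface from physical network
     *
     * @param netId Network number
     * @param interfaceName Output network device name of the route item
     * @param permission Network permission. Must be one of
     *        PERMISSION_NONE/PERMISSION_NETWORK/PERMISSION_SYSTEM.
     * @return Returns 0, remove interface from physical network successfully, otherwise it will fail
     */
    static int32_t RemoveInterfaceFromPhysicalNetwork(uint16_t netId, const std::string &interfaceName,
                                                      NetworkPermission permission);

    /**
     * Modify physical network permission
     *
     * @param netId Network number
     * @param interfaceName Output network device name of the route item
     * @param oldPermission Old network permission. Must be one of
     *        PERMISSION_NONE/PERMISSION_NETWORK/PERMISSION_SYSTEM.
     * @param newPermission New network permission. Must be one of
     *        PERMISSION_NONE/PERMISSION_NETWORK/PERMISSION_SYSTEM.
     * @return Returns 0, modify physical network permission successfully, otherwise it will fail
     */
    static int32_t ModifyPhysicalNetworkPermission(uint16_t netId, const std::string &interfaceName,
                                                   NetworkPermission oldPermission, NetworkPermission newPermission);

    /**
     * Add interface to virtual network
     *
     * @param netId Network number
     * @param interfaceName Output network device name of the route item
     * @return Returns 0, add interface to virtual network successfully, otherwise it will fail
     */
    static int32_t AddInterfaceToVirtualNetwork(int32_t netId, const std::string &interfaceName);

    /**
     * Remove interface from virtual network
     *
     * @param netId Network number
     * @param interfaceName Output network device name of the route item
     * @return Returns 0, remove interface from virtual network successfully, otherwise it will fail
     */
    static int32_t RemoveInterfaceFromVirtualNetwork(int32_t netId, const std::string &interfaceName);

    /**
     * Add users (UID ranges) to virtual network
     *
     * @param netId Network number
     * @param interfaceName Network device name of the virtual network
     * @param uidRanges UID ranges to add. The ranges decide which UIDs the rules apply to, so the
     *        caller should validate them (start <= end, no unintended system UIDs) - this header
     *        does not show any validation.
     * @return presumably 0 on success like the sibling methods - confirm against the definition
     */
    static int32_t AddUsersToVirtualNetwork(int32_t netId, const std::string &interfaceName,
                                            const std::vector<NetManagerStandard::UidRange> &uidRanges);

    /**
     * Remove users (UID ranges) from virtual network
     *
     * @param netId Network number
     * @param interfaceName Network device name of the virtual network
     * @param uidRanges UID ranges to remove
     * @return presumably 0 on success like the sibling methods - confirm against the definition
     */
    static int32_t RemoveUsersFromVirtualNetwork(int32_t netId, const std::string &interfaceName,
                                                 const std::vector<NetManagerStandard::UidRange> &uidRanges);

    /**
     * Add interface to local network
     *
     * @param netId Network number
     * @param interfaceName Output network device name of the route item
     * @return Returns 0, add interface to local network successfully, otherwise it will fail
     */
    static int32_t AddInterfaceToLocalNetwork(uint16_t netId, const std::string &interfaceName);

    /**
     * Remove interface from local network
     *
     * @param netId Network number
     * @param interfaceName Output network device name of the route item
     * @return Returns 0, remove interface from local network successfully, otherwise it will fail
     */
    static int32_t RemoveInterfaceFromLocalNetwork(uint16_t netId, const std::string &interfaceName);

    /**
     * Enable sharing network
     *
     * @param inputInterface Input network device name of the route item
     * @param outputInterface Output network device name of the route item
     * @return Returns 0, enable sharing network successfully, otherwise it will fail
     */
    static int32_t EnableSharing(const std::string &inputInterface, const std::string &outputInterface);

    /**
     * Disable sharing network
     *
     * @param inputInterface Input network device name of the route item
     * @param outputInterface Output network device name of the route item
     * @return Returns 0, disable sharing network successfully, otherwise it will fail
     */
    static int32_t DisableSharing(const std::string &inputInterface, const std::string &outputInterface);

    /**
     * Parse destination address
     *
     * @param addr Address to be parsed
     * @param res Parse result. Raw pointer: pass a valid InetAddr; whether nullptr is tolerated
     *        is not visible from this header.
     * @return Returns 0, parse destination address successfully, otherwise it will fail
     */
    static int32_t ReadAddr(const std::string &addr, InetAddr *res);

    /**
     * Parse gateway address
     *
     * @param addr Address to be parsed
     * @param res Parse result. Raw pointer: pass a valid InetAddr; whether nullptr is tolerated
     *        is not visible from this header.
     * @return Returns 0, parse gateway address successfully, otherwise it will fail
     */
    static int32_t ReadAddrGw(const std::string &addr, InetAddr *res);

    /**
     * Add rules for clat tun interface
     *
     * @param interfaceName Output network device name of the route item
     * @param dstAddr Destination address (presumably of the route added for the interface - confirm)
     * @param nxtHop Next hop (presumably the gateway of that route - confirm)
     * @return Returns 0, add rules successfully, otherwise it will fail
     */
    static int32_t AddClatTunInterface(const std::string &interfaceName, const std::string &dstAddr,
                                       const std::string &nxtHop);

    /**
     * Remove rules for clat tun interface
     *
     * @param interfaceName Output network device name of the route item
     * @return Returns 0, remove rules successfully, otherwise it will fail
     */
    static int32_t RemoveClatTunInterface(const std::string &interfaceName);

    /**
     * Update route for vnic interface
     *
     * @param interfaceName Output network device name of the route item
     * @param destinationName Destination address of route item
     * @param nextHop Gateway address of the route item
     * @param add add or delete route
     * @return Returns 0, Update route successfully, otherwise it will fail
     */
    static int32_t UpdateVnicRoute(const std::string &interfaceName, const std::string &destinationName,
                                   const std::string &nextHop, bool add);

    /**
     * Update uid ranges for vnic interface
     *
     * @param uidRanges uidRanges to update
     * @param add add or delete uid ranges
     * @return Returns 0, update UidRangesRules successfully, otherwise it will fail
     */
    static int32_t UpdateVnicUidRangesRule(const std::vector<NetManagerStandard::UidRange> &uidRanges, bool add);

    /**
     * Enable distributed client net: create virnic and config route
     *
     * @param virNicAddr virnic addr
     * @param iif iif name to config route
     * @return Returns 0, enable successfully, otherwise it will fail
     */
    static int32_t EnableDistributedClientNet(const std::string &virNicAddr, const std::string &iif);

    /**
     * Enable distributed server net: config route
     *
     * @param iif iif to config route
     * @param devIface dev Iface name to config route
     * @param dstAddr dstAddr to config route
     * @return Returns 0, enable successfully, otherwise it will fail
     */
    static int32_t EnableDistributedServerNet(const std::string &iif, const std::string &devIface,
                                              const std::string &dstAddr);

    /**
     * Disable distributed net: del route
     *
     * @param isServer true:server, false:client
     * @return Returns 0, disable successfully, otherwise it will fail
     */
    static int32_t DisableDistributedNet(bool isServer);

private:
    // Presumably guards interfaceToTable_ (by name); both are shared static state, so any access
    // to the map from the static methods should hold this lock - confirm in the implementation.
    static std::mutex interfaceToTableLock_;
    // Keyed by std::string, valued by uint32_t; by name, interface name -> route table id.
    static std::map<std::string, uint32_t> interfaceToTable_;
    static int32_t Init();
    static int32_t ClearRules();
    static int32_t ClearRoutes(const std::string &interfaceName, int32_t netId = 0);
    static int32_t AddLocalNetworkRules();
    static int32_t UpdatePhysicalNetwork(uint16_t netId, const std::string &interfaceName, NetworkPermission permission,
                                         bool add);
    static int32_t UpdateVirtualNetwork(int32_t netId, const std::string &interfaceName,
                                        const std::vector<NetManagerStandard::UidRange> &uidRanges, bool add);
    static int32_t ModifyVirtualNetBasedRules(int32_t netId, const std::string &ifaceName, bool add);

    static int32_t UpdateLocalNetwork(uint16_t netId, const std::string &interfaceName, bool add);
    static int32_t UpdateIncomingPacketMark(uint16_t netId, const std::string &interfaceName,
                                            NetworkPermission permission, bool add);
    static int32_t UpdateExplicitNetworkRule(uint16_t netId, uint32_t table, NetworkPermission permission, bool add);
    static int32_t UpdateOutputInterfaceRules(const std::string &interfaceName, uint32_t table,
                                              NetworkPermission permission, bool add);
    static int32_t UpdateSharingNetwork(uint16_t action, const std::string &inputInterface,
                                        const std::string &outputInterface);
    static int32_t UpdateVpnOutputToLocalRule(const std::string &interfaceName, bool add);
    static int32_t UpdateVpnSystemPermissionRule(int32_t netId, uint32_t table, bool add);

    static int32_t UpdateVpnUidRangeRule(uint32_t table, uid_t uidStart, uid_t uidEnd, bool add);
    static int32_t UpdateExplicitNetworkRuleWithUid(int32_t netId, uint32_t table, NetworkPermission permission,
                                                    uid_t uidStart, uid_t uidEnd, bool add);
    static int32_t UpdateOutputInterfaceRulesWithUid(const std::string &interface, uint32_t table,
                                                     NetworkPermission permission, uid_t uidStart, uid_t uidEnd,
                                                     bool add);
    static int32_t ClearSharingRules(const std::string &inputInterface);
    // NOTE(review): the rule/route helpers below take RuleInfo/RouteInfo by value, which copies
    // their std::string members on every call; the signatures are kept because the definitions
    // live outside this header.
    static int32_t UpdateRuleInfo(uint32_t action, uint8_t ruleType, RuleInfo ruleInfo, uid_t uidStart = INVALID_UID,
                                  uid_t uidEnd = INVALID_UID);
    static int32_t UpdateDistributedRule(uint32_t action, uint8_t ruleType, RuleInfo ruleInfo,
                                         uid_t uidStart, uid_t uidEnd);
    static int32_t SendRuleToKernel(uint32_t action, uint8_t family, uint8_t ruleType, RuleInfo ruleInfo,
                                    uid_t uidStart, uid_t uidEnd);
    static int32_t SendRuleToKernelEx(uint32_t action, uint8_t family, uint8_t ruleType, RuleInfo ruleInfo,
                                      uid_t uidStart, uid_t uidEnd);
    static int32_t UpdateRouteRule(uint16_t action, uint16_t flags, RouteInfo routeInfo);
    static int32_t SendRouteToKernel(uint16_t action, uint16_t routeFlag, rtmsg msg, RouteInfo routeInfo,
                                     uint32_t index);
    static uint32_t FindTableByInterfacename(const std::string &interfaceName, int32_t netId = 0);
    static uint32_t GetRouteTableFromType(TableType tableType, const std::string &interfaceName);
    static int32_t SetRouteInfo(TableType tableType, const std::string &interfaceName,
                                const std::string &destinationName, const std::string &nextHop,
                                RouteInfo &routeInfo);
    static int32_t UpdateClatTunInterface(const std::string &interfaceName,
                                          NetworkPermission permission, bool add);
    static int32_t AddServerUplinkRoute(const std::string &UplinkIif, const std::string &devIface);
    static int32_t AddServerDownlinkRoute(const std::string &UplinkIif, const std::string &dstAddr);
};
} // namespace nmd
} // namespace OHOS
#endif // INCLUDE_ROUTE_MANAGER_H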