Manpages

BSDE_GET_RULE(3) BSD Library Functions Manual BSDE_GET_RULE(3)

NAME

bsde_add_rule, bsde_get_rule, bsde_set_rule, bsde_delete_rule — file system firewall rules list management

LIBRARY

File System Firewall Interface Library (libugidfw, −lugidfw)

SYNOPSIS

#include <ugidfw.h>

int

bsde_add_rule(int *rulenum, struct mac_bsdextended_rule *rule, size_t buflen, char *errstr);

int

bsde_get_rule(int rulenum, struct mac_bsdextended_rule *rule, size_t errlen, char *errstr);

int

bsde_set_rule(int rulenum, struct mac_bsdextended_rule *rule, size_t errlen, char *errstr);

int

bsde_delete_rule(int rulenum, size_t errlen, char *errstr);

DESCRIPTION

The bsde_add_rule() function fills the next available rule (in struct mac_bsdextended_rule form, either from bsde_get_rule() or bsde_parse_rule(3)). If an error occurs, *errstr is filled with the error string (up to errlen characters, including the terminating NUL). If successful and rulenum is non-NULL, the rule number used will be returned in *rulenum.

The bsde_get_rule() function fills in *rule with the rule numbered rulenum. If an error occurs, *errstr is filled in with the error string (up to errlen characters, including the terminating NUL).

The bsde_set_rule() function fills the slot numbered rulenum with the specified rule (in struct mac_bsdextended_rule form, either from bsde_get_rule() or bsde_parse_rule(3)). If an error occurs, *errstr is filled with the error string (up to errlen characters, including the terminating NUL).

The bsde_delete_rule() function deletes the rule numbered rulenum. If an error occurs, *errstr is filled with the error string (up to errlen characters, including the terminating NUL).

RETURN VALUES

The bsde_get_rule(), bsde_set_rule(), and bsde_delete_rule() functions return 0 if successful; otherwise the value −1 is returned and the value of *errstr is filled in as documented in DESCRIPTION.

SEE ALSO

bsde_get_rule_count(3), bsde_get_rule_slots(3), bsde_parse_rule(3), bsde_parse_rule_string(3), bsde_rule_to_string(3), libugidfw(3), mac_bsdextended(4), ugidfw(8)

AUTHORS

This software was contributed to the FreeBSD Project by Network Associates Labs, the Security Research Division of Network Associates Inc. under DARPA/SPAWAR contract N66001-01-C-8035 (’’CBOSS’’), as part of the DARPA CHATS research program.

BSD February 24, 2004 BSD