realtek-doc/sources/rtk-dms-1250/include/dal/cypress/dal_cypress_sec.h

/*
* Copyright(c) Realtek Semiconductor Corporation, 2009
* All rights reserved.
*
* $Revision$
* $Date$
*
* Purpose : Definition of the public security APIs and their data types in the SDK.
*
* Feature : This file includes the following module and sub-modules
* 1) Attack prevention
*/
#ifndef __DAL_CYPRESS_SEC_H__
#define __DAL_CYPRESS_SEC_H__
/*
* Include Files
*/
#include <common/rt_type.h>
#include <rtk/sec.h>
#include <dal/dal_mapper.h>
/*
* Symbol Definition
*/
/*
* Data Declaration
*/
/*
* Macro Declaration
*/
/*
* Function Declaration
*/
/* Function Name:
* dal_cypress_secMapper_init
* Description:
* Hook the sec module into the given DAL mapper.
* Input:
* pMapper - pointer to the mapper that the sec module is hooked into
* Output:
* None
* Return:
* RT_ERR_OK
* RT_ERR_FAILED
* Note:
* Must hook the sec module before calling any sec APIs.
* NOTE(review): the original comment listed "unit - unit id" as input, but
* the prototype takes a dal_mapper_t pointer. How a NULL pMapper is handled
* is not documented in this header - confirm against the implementation.
*/
extern int32
dal_cypress_secMapper_init(dal_mapper_t *pMapper);
/* Module Name : Security */
/* Function Name:
* dal_cypress_sec_init
* Description:
* Initialize security module of the specified device.
* Input:
* unit - unit id
* Output:
* None
* Return:
* RT_ERR_OK
* RT_ERR_FAILED
* Note:
* Must initialize security module before calling any sec APIs; the other
* APIs in this header document RT_ERR_NOT_INIT for the uninitialized case.
* NOTE(review): this header does not say which actions or length
* thresholds are in effect after init. Confirm the defaults in the
* implementation before assuming attack prevention is active.
*/
extern int32
dal_cypress_sec_init(uint32 unit);
/* Module Name : Security */
/* Sub-module Name: Attack prevention */
/* Function Name:
* dal_cypress_sec_portAttackPrevent_get
* Description:
* Get action for each kind of attack on specified port.
* Input:
* unit - unit id
* port - port id
* attack_type - type of attack
* Output:
* pAction - pointer to action for attack; must not be NULL
* Return:
* RT_ERR_OK
* RT_ERR_FAILED
* RT_ERR_NOT_INIT - The module is not initialized
* RT_ERR_PORT_ID - invalid port id
* RT_ERR_INPUT - invalid input parameter
* RT_ERR_NULL_POINTER - input parameter may be null pointer
* Note:
* Supported attack types for this per-port API:
* - ARP_INVALID
* - GRATUITOUS_ARP
*
* Possible actions:
* - ACTION_FORWARD
* - ACTION_DROP
* - ACTION_TRAP2CPU
*
* Check the return code before reading *pAction; this header does not
* state what *pAction holds on failure.
*/
extern int32
dal_cypress_sec_portAttackPrevent_get(
uint32 unit,
rtk_port_t port,
rtk_sec_attackType_t attack_type,
rtk_action_t *pAction);
/* Function Name:
* dal_cypress_sec_portAttackPrevent_set
* Description:
* Set action for each kind of attack on specified port.
* Input:
* unit - unit id
* port - port id
* attack_type - type of attack
* action - action for attack
* Output:
* None
* Return:
* RT_ERR_OK
* RT_ERR_FAILED
* RT_ERR_NOT_INIT - The module is not initialized
* RT_ERR_PORT_ID - invalid port id
* RT_ERR_FWD_ACTION - invalid forwarding action
* RT_ERR_INPUT - invalid input parameter
* Note:
* Supported attack types for this per-port API:
* - ARP_INVALID
* - GRATUITOUS_ARP
*
* Possible actions:
* - ACTION_FORWARD
* - ACTION_DROP
* - ACTION_TRAP2CPU
*
* NOTE(review): ACTION_FORWARD presumably lets matching packets pass
* unchanged, i.e. no protection for that attack type on the port.
* ACTION_TRAP2CPU presumably delivers matching packets to the CPU, so a
* flood of such packets may load the control plane - confirm whether
* CPU-bound traffic is rate limited elsewhere.
*/
extern int32
dal_cypress_sec_portAttackPrevent_set(
uint32 unit,
rtk_port_t port,
rtk_sec_attackType_t attack_type,
rtk_action_t action);
/* Function Name:
* dal_cypress_sec_portAttackPreventEnable_get
* Description:
* Get the attack prevention status of the specific port
* Input:
* unit - unit id
* port - port id
* Output:
* pEnable - pointer to the status of the attack prevention; must not be NULL
* Return:
* RT_ERR_OK
* RT_ERR_FAILED
* RT_ERR_PORT_ID - invalid port id
* RT_ERR_NULL_POINTER - input parameter may be null pointer
* Note:
* Check the return code before reading *pEnable; this header does not
* state what *pEnable holds on failure.
* NOTE(review): unlike the action APIs, RT_ERR_NOT_INIT is not listed
* here - confirm whether the implementation checks for initialization.
*/
extern int32
dal_cypress_sec_portAttackPreventEnable_get(uint32 unit, rtk_port_t port, rtk_enable_t *pEnable);
/* Function Name:
* dal_cypress_sec_portAttackPreventEnable_set
* Description:
* Set the attack prevention status of the specific port
* Input:
* unit - unit id
* port - port id
* enable - status of the attack prevention (passed by value)
* Output:
* None
* Return:
* RT_ERR_OK
* RT_ERR_FAILED
* RT_ERR_PORT_ID - invalid port id
* RT_ERR_INPUT - invalid input parameter
* Note:
* NOTE(review): this header does not state how the per-port status
* interacts with the actions set through
* dal_cypress_sec_attackPreventAction_set. Presumably a port with
* prevention disabled skips those checks - confirm, since disabling a
* port would then remove its protection regardless of configured actions.
*/
extern int32
dal_cypress_sec_portAttackPreventEnable_set(uint32 unit, rtk_port_t port, rtk_enable_t enable);
/* Function Name:
* dal_cypress_sec_attackPreventAction_get
* Description:
* Get action for each kind of attack.
* Input:
* unit - unit id
* attack_type - type of attack
* Output:
* pAction - pointer to action for attack; must not be NULL
* Return:
* RT_ERR_OK
* RT_ERR_FAILED
* RT_ERR_NOT_INIT - The module is not initialized
* RT_ERR_INPUT - invalid input parameter
* RT_ERR_NULL_POINTER - input parameter may be null pointer
* Note:
* Supported attack types:
* - TCP_FRAG_OFF_MIN_CHECK
* - SYNRST_DENY
* - SYNFIN_DENY
* - XMA_DENY
* - SYN_SPORTL1024_DENY
* - TCPHDR_MIN_CHECK
* - SMURF_DENY
* - ICMPV6_PING_MAX_CHECK
* - ICMPV4_PING_MAX_CHECK
* - ICMP_FRAG_PKTS_DENY
* - IPV6_MIN_FRAG_SIZE_CHECK
* - POD_DENY
* - TCPBLAT_DENY
* - UDPBLAT_DENY
* - LAND_DENY
* - DAEQSA_DENY
*
* NOTE(review): the original list named XMA_DENY twice; the second entry
* may have stood for another type. Confirm the full set against
* rtk_sec_attackType_t in <rtk/sec.h>.
*
* Possible actions:
* - ACTION_FORWARD
* - ACTION_DROP
* - ACTION_TRAP2CPU
*
* Check the return code before reading *pAction; this header does not
* state what *pAction holds on failure.
*/
extern int32
dal_cypress_sec_attackPreventAction_get(
uint32 unit,
rtk_sec_attackType_t attack_type,
rtk_action_t *pAction);
/* Function Name:
* dal_cypress_sec_attackPreventAction_set
* Description:
* Set action for each kind of attack. The prototype takes no port
* argument, so the setting is not per port.
* Input:
* unit - unit id
* attack_type - type of attack
* action - action for attack
* Output:
* None
* Return:
* RT_ERR_OK
* RT_ERR_FAILED
* RT_ERR_NOT_INIT - The module is not initialized
* RT_ERR_FWD_ACTION - invalid forwarding action
* RT_ERR_INPUT - invalid input parameter
* Note:
* Supported attack types:
* - TCP_FRAG_OFF_MIN_CHECK
* - SYNRST_DENY
* - SYNFIN_DENY
* - XMA_DENY
* - SYN_SPORTL1024_DENY
* - TCPHDR_MIN_CHECK
* - SMURF_DENY
* - ICMPV6_PING_MAX_CHECK
* - ICMPV4_PING_MAX_CHECK
* - ICMP_FRAG_PKTS_DENY
* - IPV6_MIN_FRAG_SIZE_CHECK
* - POD_DENY
* - TCPBLAT_DENY
* - UDPBLAT_DENY
* - LAND_DENY
* - DAEQSA_DENY
*
* NOTE(review): the original list named XMA_DENY twice; the second entry
* may have stood for another type. Confirm the full set against
* rtk_sec_attackType_t in <rtk/sec.h>.
*
* Possible actions:
* - ACTION_FORWARD
* - ACTION_DROP
* - ACTION_TRAP2CPU
*
* NOTE(review): ACTION_FORWARD presumably lets matching packets pass
* unchanged, i.e. no protection for that attack type. ACTION_TRAP2CPU
* presumably delivers matching packets to the CPU, so a flood of such
* packets may load the control plane - confirm whether CPU-bound traffic
* is rate limited elsewhere.
*/
extern int32
dal_cypress_sec_attackPreventAction_set(
uint32 unit,
rtk_sec_attackType_t attack_type,
rtk_action_t action);
/* Function Name:
* dal_cypress_sec_minIPv6FragLen_get
* Description:
* Get minimum length of IPv6 fragments.
* Input:
* unit - unit id
* Output:
* pLength - pointer to minimum length of IPv6 fragments; must not be NULL
* Return:
* RT_ERR_OK
* RT_ERR_FAILED
* RT_ERR_NOT_INIT - The module is not initialized
* RT_ERR_NULL_POINTER - input parameter may be null pointer
* Note:
* NOTE(review): the unit of the length is not stated here (presumably
* bytes), and the threshold presumably applies to the
* IPV6_MIN_FRAG_SIZE_CHECK attack type - confirm both.
*/
extern int32
dal_cypress_sec_minIPv6FragLen_get(uint32 unit, uint32 *pLength);
/* Function Name:
* dal_cypress_sec_minIPv6FragLen_set
* Description:
* Set minimum length of IPv6 fragments. The prototype takes no port
* argument, so the setting is not per port.
* Input:
* unit - unit id
* length - minimum length of IPv6 fragments
* Output:
* None
* Return:
* RT_ERR_OK
* RT_ERR_FAILED
* RT_ERR_NOT_INIT - The module is not initialized
* RT_ERR_OUT_OF_RANGE - input parameter out of range
* Note:
* NOTE(review): the valid range and the unit (presumably bytes) are not
* stated here. Whether a length of 0 is accepted, and whether it would
* effectively switch the check off, should be confirmed against the
* implementation.
*/
extern int32
dal_cypress_sec_minIPv6FragLen_set(uint32 unit, uint32 length);
/* Function Name:
* dal_cypress_sec_maxPingLen_get
* Description:
* Get maximum length of ICMP packet. The prototype takes no port
* argument, so the value is not per port.
* Input:
* unit - unit id
* Output:
* pLength - pointer to maximum length of ICMP packet; must not be NULL
* Return:
* RT_ERR_OK
* RT_ERR_FAILED
* RT_ERR_NOT_INIT - The module is not initialized
* RT_ERR_NULL_POINTER - input parameter may be null pointer
* Note:
* NOTE(review): the unit of the length is not stated here (presumably
* bytes), and the threshold presumably applies to the
* ICMPV4_PING_MAX_CHECK / ICMPV6_PING_MAX_CHECK attack types - confirm.
*/
extern int32
dal_cypress_sec_maxPingLen_get(uint32 unit, uint32 *pLength);
/* Function Name:
* dal_cypress_sec_maxPingLen_set
* Description:
* Set maximum length of ICMP packet.
* Input:
* unit - unit id
* length - maximum length of ICMP packet
* Output:
* None
* Return:
* RT_ERR_OK
* RT_ERR_FAILED
* RT_ERR_NOT_INIT - The module is not initialized
* RT_ERR_OUT_OF_RANGE - input parameter out of range
* Note:
* NOTE(review): the valid range and the unit (presumably bytes) are not
* stated here. A very large limit would presumably make the ping length
* check ineffective - confirm the accepted maximum in the implementation.
*/
extern int32
dal_cypress_sec_maxPingLen_set(uint32 unit, uint32 length);
/* Function Name:
* dal_cypress_sec_minTCPHdrLen_get
* Description:
* Get minimum length of TCP header.
* Input:
* unit - unit id
* Output:
* pLength - pointer to minimum length of TCP header; must not be NULL
* Return:
* RT_ERR_OK
* RT_ERR_FAILED
* RT_ERR_NOT_INIT - The module is not initialized
* RT_ERR_NULL_POINTER - input parameter may be null pointer
* Note:
* NOTE(review): the unit of the length is not stated here (presumably
* bytes), and the threshold presumably applies to the TCPHDR_MIN_CHECK
* attack type - confirm both.
*/
extern int32
dal_cypress_sec_minTCPHdrLen_get(uint32 unit, uint32 *pLength);
/* Function Name:
* dal_cypress_sec_minTCPHdrLen_set
* Description:
* Set minimum length of TCP header. The prototype takes no port
* argument, so the setting is not per port.
* Input:
* unit - unit id
* length - minimum length of TCP header
* Output:
* None
* Return:
* RT_ERR_OK
* RT_ERR_FAILED
* RT_ERR_NOT_INIT - The module is not initialized
* RT_ERR_OUT_OF_RANGE - input parameter out of range
* Note:
* NOTE(review): the valid range and the unit (presumably bytes) are not
* stated here. A TCP header without options is 20 bytes, so a smaller
* threshold would presumably let truncated headers pass the check -
* confirm the accepted range in the implementation.
*/
extern int32
dal_cypress_sec_minTCPHdrLen_set(uint32 unit, uint32 length);
/* Function Name:
* dal_cypress_sec_smurfNetmaskLen_get
* Description:
* Get netmask length for preventing SMURF attack.
* Input:
* unit - unit id
* Output:
* pLength - pointer to netmask length; must not be NULL
* Return:
* RT_ERR_OK
* RT_ERR_FAILED
* RT_ERR_NOT_INIT - The module is not initialized
* RT_ERR_NULL_POINTER - input parameter may be null pointer
* Note:
* NOTE(review): presumably this is the prefix length used by the
* SMURF_DENY check to recognise broadcast destinations - confirm.
*/
extern int32
dal_cypress_sec_smurfNetmaskLen_get(uint32 unit, uint32 *pLength);
/* Function Name:
* dal_cypress_sec_smurfNetmaskLen_set
* Description:
* Set netmask length for preventing SMURF attack. The prototype takes no
* port argument, so the setting is not per port.
* Input:
* unit - unit id
* length - netmask length
* Output:
* None
* Return:
* RT_ERR_OK
* RT_ERR_FAILED
* RT_ERR_NOT_INIT - The module is not initialized
* RT_ERR_OUT_OF_RANGE - input parameter out of range
* Note:
* NOTE(review): the valid range is not stated here. The value should
* match the prefix length of the attached subnet, otherwise the
* SMURF_DENY check presumably compares against the wrong broadcast
* address - confirm against the implementation.
*/
extern int32
dal_cypress_sec_smurfNetmaskLen_set(uint32 unit, uint32 length);
#endif /* __DAL_CYPRESS_SEC_H__ */