tail head cat sleep
QR code linking to this page
Main index Section 3
Go to:
Options

Manual Pages  — BSDE_GET_RULE

NAME

bsde_add_rule, bsde_get_rule, bsde_set_rule, bsde_delete_rule – file system firewall rules list management

CONTENTS

LIBRARY

File System Firewall Interface Library (libugidfw, -lugidfw)

SYNOPSIS

#include <ugidfw.h>

int
bsde_add_rule(int *rulenum, struct mac_bsdextended_rule *rule, size_t buflen, char *errstr);

int
bsde_get_rule(int rulenum, struct mac_bsdextended_rule *rule, size_t errlen, char *errstr);

int
bsde_set_rule(int rulenum, struct mac_bsdextended_rule *rule, size_t errlen, char *errstr);

int
bsde_delete_rule(int rulenum, size_t errlen, char *errstr);

DESCRIPTION

The bsde_add_rule() function fills the next available rule (in struct mac_bsdextended_rule form, either from bsde_get_rule() or bsde_parse_rule(3)). If an error occurs, *errstr is filled with the error string (up to errlen characters, including the terminating NUL). If successful and rulenum is non- NULL, the rule number used will be returned in *rulenum.

The bsde_get_rule() function fills in *rule with the rule numbered rulenum. If an error occurs, *errstr is filled in with the error string (up to errlen characters, including the terminating NUL).

The bsde_set_rule() function fills the slot numbered rulenum with the specified rule (in struct mac_bsdextended_rule form, either from bsde_get_rule() or bsde_parse_rule(3)). If an error occurs, *errstr is filled with the error string (up to errlen characters, including the terminating NUL).

The bsde_delete_rule() function deletes the rule numbered rulenum. If an error occurs, *errstr is filled with the error string (up to errlen characters, including the terminating NUL).

RETURN VALUES

The bsde_get_rule(), bsde_set_rule(), and bsde_delete_rule() functions return 0 if successful; otherwise the value -1 is returned and the value of *errstr is filled in as documented in DESCRIPTION.

SEE ALSO

bsde_get_rule_count(3), bsde_get_rule_slots(3), bsde_parse_rule(3), bsde_parse_rule_string(3), bsde_rule_to_string(3), libugidfw(3), mac_bsdextended(4), ugidfw(8)

AUTHORS

This software was contributed to the FreeBSD Project by Network Associates Labs, the Security Research Division of Network Associates Inc. under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA CHATS research program.
BSDE_GET_RULE (3) February 24, 2004
tail head cat sleep
QR code linking to this page
Main index Section 3
Go to:
Options

Please direct any comments about this manual page service to Ben Bullock. Privacy policy.

I have a natural revulsion to any operating system that shows so little planning as to have to named all of its commands after digestive noises (awk, grep, fsck, nroff).