tail head cat sleep
QR code linking to this page

Manual Pages  — BSDE_GET_RULE

NAME

bsde_add_rule, bsde_get_rule, bsde_set_rule, bsde_delete_rule – file system firewall rules list management

CONTENTS

LIBRARY

File System Firewall Interface Library (libugidfw, -lugidfw)

SYNOPSIS

#include <ugidfw.h>

int
bsde_add_rule(int *rulenum, struct mac_bsdextended_rule *rule, size_t buflen, char *errstr);

int
bsde_get_rule(int rulenum, struct mac_bsdextended_rule *rule, size_t errlen, char *errstr);

int
bsde_set_rule(int rulenum, struct mac_bsdextended_rule *rule, size_t errlen, char *errstr);

int
bsde_delete_rule(int rulenum, size_t errlen, char *errstr);

DESCRIPTION

The bsde_add_rule() function fills the next available rule (in struct mac_bsdextended_rule form, either from bsde_get_rule() or bsde_parse_rule(3)). If an error occurs, *errstr is filled with the error string (up to errlen characters, including the terminating NUL). If successful and rulenum is non- NULL, the rule number used will be returned in *rulenum.

The bsde_get_rule() function fills in *rule with the rule numbered rulenum. If an error occurs, *errstr is filled in with the error string (up to errlen characters, including the terminating NUL).

The bsde_set_rule() function fills the slot numbered rulenum with the specified rule (in struct mac_bsdextended_rule form, either from bsde_get_rule() or bsde_parse_rule(3)). If an error occurs, *errstr is filled with the error string (up to errlen characters, including the terminating NUL).

The bsde_delete_rule() function deletes the rule numbered rulenum. If an error occurs, *errstr is filled with the error string (up to errlen characters, including the terminating NUL).

RETURN VALUES

The bsde_get_rule(), bsde_set_rule(), and bsde_delete_rule() functions return 0 if successful; otherwise the value -1 is returned and the value of *errstr is filled in as documented in DESCRIPTION.

SEE ALSO

bsde_get_rule_count(3), bsde_get_rule_slots(3), bsde_parse_rule(3), bsde_parse_rule_string(3), bsde_rule_to_string(3), libugidfw(3), mac_bsdextended(4), ugidfw(8)

AUTHORS

This software was contributed to the FreeBSD Project by Network Associates Labs, the Security Research Division of Network Associates Inc. under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA CHATS research program.

BSDE_GET_RULE (3) February 24, 2004

tail head cat sleep
QR code linking to this page


Please direct any comments about this manual page service to Ben Bullock. Privacy policy.

Using Unix is the computing equivalent of listening only to music by David Cassidy
— Rob Pike