fab347489f
Takes a single /sys/fs/bpf/pinned_prog string as argument, but may be specified multiple times. An empty assignment resets all previous filters. Closes https://github.com/systemd/systemd/issues/10227
24 lines
573 B
C
24 lines
573 B
C
/* SPDX-License-Identifier: LGPL-2.1+ */
|
|
#pragma once
|
|
|
|
#include <inttypes.h>
|
|
|
|
#include "unit.h"
|
|
|
|
enum {
|
|
BPF_FIREWALL_UNSUPPORTED = 0,
|
|
BPF_FIREWALL_SUPPORTED = 1,
|
|
BPF_FIREWALL_SUPPORTED_WITH_MULTI = 2,
|
|
};
|
|
|
|
int bpf_firewall_supported(void);
|
|
|
|
int bpf_firewall_compile(Unit *u);
|
|
int bpf_firewall_install(Unit *u);
|
|
int bpf_firewall_load_custom(Unit *u);
|
|
|
|
int bpf_firewall_read_accounting(int map_fd, uint64_t *ret_bytes, uint64_t *ret_packets);
|
|
int bpf_firewall_reset_accounting(int map_fd);
|
|
|
|
void emit_bpf_firewall_warning(Unit *u);
|