Login or Register to Ask a Question and Join Our Community

Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

bsde_set_rule(3) [freebsd man page]

BSDE_GET_RULE(3)					   BSD Library Functions Manual 					  BSDE_GET_RULE(3)

NAME

     bsde_add_rule, bsde_get_rule, bsde_set_rule, bsde_delete_rule -- file system firewall rules list management

LIBRARY

     File System Firewall Interface Library (libugidfw, -lugidfw)

SYNOPSIS

     #include <ugidfw.h>

     int
     bsde_add_rule(int *rulenum, struct mac_bsdextended_rule *rule, size_t buflen, char *errstr);

     int
     bsde_get_rule(int rulenum, struct mac_bsdextended_rule *rule, size_t errlen, char *errstr);

     int
     bsde_set_rule(int rulenum, struct mac_bsdextended_rule *rule, size_t errlen, char *errstr);

     int
     bsde_delete_rule(int rulenum, size_t errlen, char *errstr);

DESCRIPTION

     The bsde_add_rule() function fills the next available rule (in struct mac_bsdextended_rule form, either from bsde_get_rule() or
     bsde_parse_rule(3)).  If an error occurs, *errstr is filled with the error string (up to errlen characters, including the terminating NUL).
     If successful and rulenum is non-NULL, the rule number used will be returned in *rulenum.

     The bsde_get_rule() function fills in *rule with the rule numbered rulenum.  If an error occurs, *errstr is filled in with the error string
     (up to errlen characters, including the terminating NUL).

     The bsde_set_rule() function fills the slot numbered rulenum with the specified rule (in struct mac_bsdextended_rule form, either from
     bsde_get_rule() or bsde_parse_rule(3)).  If an error occurs, *errstr is filled with the error string (up to errlen characters, including the
     terminating NUL).

     The bsde_delete_rule() function deletes the rule numbered rulenum.  If an error occurs, *errstr is filled with the error string (up to errlen
     characters, including the terminating NUL).

RETURN VALUES

     The bsde_get_rule(), bsde_set_rule(), and bsde_delete_rule() functions return 0 if successful; otherwise the value -1 is returned and the
     value of *errstr is filled in as documented in DESCRIPTION.

SEE ALSO

     bsde_get_rule_count(3), bsde_get_rule_slots(3), bsde_parse_rule(3), bsde_parse_rule_string(3), bsde_rule_to_string(3), libugidfw(3),
     mac_bsdextended(4), ugidfw(8)

AUTHORS

     This software was contributed to the FreeBSD Project by Network Associates Labs, the Security Research Division of Network Associates Inc.
     under DARPA/SPAWAR contract N66001-01-C-8035 (``CBOSS''), as part of the DARPA CHATS research program.

BSD
								 February 24, 2004							       BSD

Check Out this Related Man Page

LIBUGIDFW(3)						   BSD Library Functions Manual 					      LIBUGIDFW(3)

NAME

     libugidfw -- library interface to the file system firewall MAC policy

LIBRARY

     File System Firewall Interface Library (libugidfw, -lugidfw)

SYNOPSIS

     #include <sys/types.h>
     #include <security/mac_bsdextended/mac_bsdextended.h>
     #include <ugidfw.h>

DESCRIPTION

     The libugidfw library routines provide an interface to the mac_bsdextended(4) file system firewall MAC policy.

     The libugidfw library defines the following functions:

     bsde_rule_to_string()     Converts the internal representation of a rule (struct mac_bsdextended_rule) into its text representation; see
			       bsde_rule_to_string(3).

     bsde_parse_rule()	       Parses an entire rule (in argument array form); see bsde_parse_rule(3).

     bsde_parse_rule_string()  Parses an entire rule string; see bsde_parse_rule_string(3).

     bsde_get_rule_count()     Returns the total number of ugidfw rules being enforced in the system; see bsde_get_rule_count(3).

     bsde_get_rule_slots()     Returns the total number of used rule slots; see bsde_get_rule_slots(3).

     bsde_get_rule()	       Returns a rule by its rule number; see bsde_get_rule(3).

     bsde_delete_rule()        Deletes a rule by its rule number; see bsde_delete_rule(3).

     bsde_set_rule()	       Uploads the rule to the mac_bsdextended(4) module and applies it; see bsde_set_rule(3).

     bsde_add_rule()	       Upload the rule to the module, automatically selecting the next available rule number; see bsde_add_rule(3).

SEE ALSO

     bsde_delete_rule(3), bsde_get_rule(3), bsde_get_rule_count(3), bsde_get_rule_slots(3), bsde_parse_rule(3), bsde_parse_rule_string(3),
     bsde_rule_to_string(3), bsde_set_rule(3)

AUTHORS

     This software was contributed to the FreeBSD Project by Network Associates Labs, the Security Research Division of Network Associates Inc.
     under DARPA/SPAWAR contract N66001-01-C-8035 (``CBOSS''), as part of the DARPA CHATS research program.

BSD
								 February 25, 2004							       BSD
Man Page

Featured Tech Videos