zebra: add IPTABLE_ADD and IPTABLE_DEL commands in zapi

Those messages permit a remote daemon to configure an iptable entry. A
structure is defined that maps to an iptable entry. More specifically,
this structure proposes to associate fwmark, and a table ID.
Adding to the configuration, the initialisation of iptables hash list is
done into zebra netnamespace. Also a hook for notifying the sender that
the iptables has been correctly set is done.

Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>

1 files changed, 15 insertions, 0 deletions

diff --git a/lib/zclient.h b/lib/zclient.h
index b8896f6b99..2cdcefd5eb 100644
--- a/lib/zclient.h
+++ b/lib/zclient.h
@@ -52,6 +52,12 @@
  */
 #define ZEBRA_IPSET_NAME_SIZE   32
 
+/* IPTable action is defined by two values: either
+ * forward or drop
+ */
+#define ZEBRA_IPTABLES_FORWARD 0
+#define ZEBRA_IPTABLES_DROP    1
+
 extern struct sockaddr_storage zclient_addr;
 extern socklen_t zclient_addr_len;
 
@@ -146,6 +152,9 @@ typedef enum {
 	ZEBRA_IPSET_ENTRY_DELETE,
 	ZEBRA_IPSET_NOTIFY_OWNER,
 	ZEBRA_IPSET_ENTRY_NOTIFY_OWNER,
+	ZEBRA_IPTABLE_ADD,
+	ZEBRA_IPTABLE_DELETE,
+	ZEBRA_IPTABLE_NOTIFY_OWNER,
 } zebra_message_types_t;
 
 struct redist_proto {
@@ -409,6 +418,12 @@ enum zapi_ipset_entry_notify_owner {
 	ZAPI_IPSET_ENTRY_REMOVED,
 };
 
+enum zapi_iptable_notify_owner {
+	ZAPI_IPTABLE_FAIL_INSTALL,
+	ZAPI_IPTABLE_INSTALLED,
+	ZAPI_IPTABLE_REMOVED,
+};
+
 /* Zebra MAC types */
 #define ZEBRA_MACIP_TYPE_STICKY                0x01 /* Sticky MAC*/
 #define ZEBRA_MACIP_TYPE_GW                    0x02 /* gateway (SVI) mac*/