Google

SYNOPSIS

     #include <sys/types.h>
     #include <security/mac_bsdextended/mac_bsdextended.h>
     #include <ugidfw.h>

DESCRIPTION

     The libugidfw library routines provide an interface to the
     mac_bsdextended(4) file system firewall MAC policy.

     The libugidfw library defines the following functions:

     bsde_rule_to_string()     Converts the internal representation of a rule
                               (struct mac_bsdextended_rule) into its text
                               representation; see bsde_rule_to_string(3).

     bsde_parse_rule()         Parses an entire rule (in argument array form);
                               see bsde_parse_rule(3).

     bsde_parse_rule_string()  Parses an entire rule string; see
                               bsde_parse_rule_string(3).

     bsde_get_rule_count()     Returns the total number of ugidfw rules being
                               enforced in the system; see
                               bsde_get_rule_count(3).

     bsde_get_rule_slots()     Returns the total number of used rule slots;
                               see bsde_get_rule_slots(3).

     bsde_get_rule()           Returns a rule by its rule number; see
                               bsde_get_rule(3).

     bsde_delete_rule()        Deletes a rule by its rule number; see
                               bsde_delete_rule(3).

     bsde_set_rule()           Uploads the rule to the mac_bsdextended(4) mod-
                               ule and applies it; see bsde_set_rule(3).

     bsde_add_rule()           Upload the rule to the module, automatically
                               selecting the next available rule number; see
                               bsde_add_rule(3).

SEE ALSO

     bsde_delete_rule(3), bsde_get_rule(3), bsde_get_rule_count(3),
     bsde_get_rule_slots(3), bsde_parse_rule(3), bsde_parse_rule_string(3),
     bsde_rule_to_string(3), bsde_set_rule(3)

AUTHORS

     This software was contributed to the FreeBSD Project by Network Asso-
     ciates Labs, the Security Research Division of Network Associates Inc.
     under DARPA/SPAWAR contract N66001-01-C-8035 (``CBOSS''), as part of the
     DARPA CHATS research program.
Man(1) output converted with man2html