move pacf skeleton away to be able to replace it with old proposal of

Robin.

scripts/base/frameworks/pacf-proto/main.bro

@@ -0,0 +1,111 @@
+@load ./plugins
+
+
+module PACF;
+
+
+# Internal id counter for rule ids.
+global LAST_ID:count = 0;
+
+
+export {
+	
+	## Type of the action.
+	##
+	type RuleActionType: enum {
+		## Drop packets matching a given RuleMatch record.
+		DROP,
+		## Modify packets matching a given RuleMatch record
+		## according to the ModifyArgs record.
+		MODIFY,
+	} &redef;
+
+
+	type RuleActionTarget: enum {
+		FORWARD,
+		MONITOR,
+	} &redef;
+
+	## Uni or bidriectional flow.
+	##
+	type FlowType: enum {
+		## Unidirectional flow.
+		PACF::UNIDIRECTIONAL,
+		## Bidirectional flow.
+		PACF::BIDIRECTIONAL,
+	};
+
+	## Properties which descibes a matching flow / connection
+	##
+	type RuleMatch: record {
+		## Ethernet protocol (ipv4, ipv6, ipip ... aso).
+		# eth_proto: ethernet_proto &optional;  # Here should mb IPPROTO_* be used.
+		## VLAN id.
+		vlan: count &optional; 
+		## Source MAC address.
+		src_mac: string &optional;
+		## Source IP address (IPv4 | IPv6).
+		src_ip: addr &optional;
+		## Source Port.
+		src_port: port &optional;
+		## Destination MAC address.
+		dst_mac: string &optional;
+		## Destination IP address.
+		dst_ip: addr &optional;
+		## Destination Port.
+		dst_port: port &optional;
+		## IP transport protocol.
+		ip_proto: transport_proto &optional;  # Here should mb IPPROTO_* be used.
+	};
+
+	## Action to be done on flows / connections that match.
+	##
+	type RuleAction: record {
+		type_: RuleActionType;
+		target: RuleActionTarget &default=FORWARD;
+		## Timeout n seconds after the last packet.
+		soft_timeout: count &optional;
+		## Timeout after n seconds.
+		hard_timeout: count &optional;
+		## Priority of the action.
+		priority: int &default=-0;
+	};
+
+	## Rule which descibes the actions to take on a matching
+	## flow / connection.
+	type Rule: record {
+		## Rule id.
+		id: count &default=LAST_ID;
+		## Flows / Connections which the rule should match.
+		match: RuleMatch;
+		## Actions which will be taken when a flow / connection matches.
+		action: vector of RuleAction;
+		## Should it be matched uni or bidriectional.
+		direction: FlowType;
+	};
+
+	## Registered plugins
+	type Plugin: enum {
+	};
+
+
+	type BackendState: record {
+
+	} &redef;
+
+
+	## A PACF backend which implements a subset of the PACF
+	## features for a specific implementation
+	type Backend: record {
+		## The type of the plugin (more then one of the same type can exist).
+		type_: Plugin;
+		## Insert function to apply a specific rule
+		insert: function(state: PACF::BackendState, rule: PACF::Rule): bool &optional;
+		## Remove function to remove a specific rule
+		remove: function(id: count): bool &optional;
+		state: BackendState &optional;
+	} &redef;
+
+	global PACF::drop: event();
+	global PACF::undrop: event();
+}