##! Declaration of various types that the Zeek core uses internally.

enum rpc_status %{
	RPC_SUCCESS,
	RPC_PROG_UNAVAIL,
	RPC_PROG_MISMATCH,
	RPC_PROC_UNAVAIL,
	RPC_GARBAGE_ARGS,
	RPC_SYSTEM_ERR,
	RPC_TIMEOUT,
	RPC_VERS_MISMATCH,
	RPC_AUTH_ERROR,
	RPC_UNKNOWN_ERROR,
%}

module MOUNT3;

enum proc_t %{ # MOUNT3 procedures
	PROC_NULL         = 0,  # done
	PROC_MNT          = 1,  # done
	PROC_DUMP         = 2,  # not implemented
	PROC_UMNT         = 3,  # done
	PROC_UMNT_ALL     = 4,  # done
	PROC_EXPORT       = 5,  # not implemented
	PROC_END_OF_PROCS = 6,	# not implemented
%}

enum status_t %{ # MOUNT3 return status
	MNT3_OK             = 0,
	MNT3ERR_PERM        = 1,
	MNT3ERR_NOENT       = 2,
	MNT3ERR_IO          = 5,
	MNT3ERR_ACCES       = 13,
	MNT3ERR_NOTDIR      = 20,
	MNT3ERR_INVAL       = 22,
	MNT3ERR_NAMETOOLONG = 63,
	MNT3ERR_NOTSUPP     = 10004,
	MNT3ERR_SERVERFAULT = 10006,
	MOUNT3ERR_UNKNOWN   = 0xffffffff,
%}

enum auth_flavor_t %{ # MOUNT3 auth flavors
	AUTH_NULL   = 0,
	AUTH_UNIX   = 1,
	AUTH_SHORT  = 2,
	AUTH_DES    = 3,
%}

type info_t: record;
type mnt_reply_t: record;
type dirmntargs_t: record;

module NFS3;

enum proc_t %{	# NFSv3 procedures
	PROC_NULL     = 0,	# done
	PROC_GETATTR  = 1,	# done
	PROC_SETATTR  = 2,	# done
	PROC_LOOKUP   = 3,	# done
	PROC_ACCESS   = 4,	# not implemented
	PROC_READLINK = 5,	# done
	PROC_READ     = 6,	# done
	PROC_WRITE    = 7,	# done
	PROC_CREATE   = 8,	# partial
	PROC_MKDIR    = 9,	# partial
	PROC_SYMLINK  = 10,	# done
	PROC_MKNOD    = 11,	# not implemented
	PROC_REMOVE   = 12,	# done
	PROC_RMDIR    = 13,	# done
	PROC_RENAME   = 14,	# done
	PROC_LINK     = 15,	# done
	PROC_READDIR  = 16,	# done
	PROC_READDIRPLUS  = 17,	# done
	PROC_FSSTAT   = 18,	# not implemented
	PROC_FSINFO   = 19,	# not implemented
	PROC_PATHCONF = 20,	# not implemented
	PROC_COMMIT   = 21,	# not implemented
	PROC_END_OF_PROCS = 22,	# not implemented
%}

enum status_t %{	# NFSv3 return status
	NFS3ERR_OK          = 0,
	NFS3ERR_PERM        = 1,
	NFS3ERR_NOENT       = 2,
	NFS3ERR_IO          = 5,
	NFS3ERR_NXIO        = 6,
	NFS3ERR_ACCES       = 13,
	NFS3ERR_EXIST       = 17,
	NFS3ERR_XDEV        = 18,
	NFS3ERR_NODEV       = 19,
	NFS3ERR_NOTDIR      = 20,
	NFS3ERR_ISDIR       = 21,
	NFS3ERR_INVAL       = 22,
	NFS3ERR_FBIG        = 27,
	NFS3ERR_NOSPC       = 28,
	NFS3ERR_ROFS        = 30,
	NFS3ERR_MLINK       = 31,
	NFS3ERR_NAMETOOLONG = 63,
	NFS3ERR_NOTEMPTY    = 66,
	NFS3ERR_DQUOT       = 69,
	NFS3ERR_STALE       = 70,
	NFS3ERR_REMOTE      = 71,
	NFS3ERR_BADHANDLE   = 10001,
	NFS3ERR_NOT_SYNC    = 10002,
	NFS3ERR_BAD_COOKIE  = 10003,
	NFS3ERR_NOTSUPP     = 10004,
	NFS3ERR_TOOSMALL    = 10005,
	NFS3ERR_SERVERFAULT = 10006,
	NFS3ERR_BADTYPE     = 10007,
	NFS3ERR_JUKEBOX     = 10008,
	NFS3ERR_UNKNOWN     = 0xffffffff,
%}

enum time_how_t %{
	DONT_CHANGE = 0,
	SET_TO_SERVER_TIME = 1,
	SET_TO_CLIENT_TIME = 2,
%}

enum file_type_t %{
	FTYPE_REG   = 1,
	FTYPE_DIR   = 2,
	FTYPE_BLK   = 3,
	FTYPE_CHR   = 4,
	FTYPE_LNK   = 5,
	FTYPE_SOCK  = 6,
	FTYPE_FIFO  = 7,
%}


enum stable_how_t %{
	UNSTABLE = 0,
	DATA_SYNC = 1,
	FILE_SYNC = 2,
%}

enum createmode_t %{
	UNCHECKED = 0,
	GUARDED = 1,
	EXCLUSIVE = 2,
%}

# Declare record types that we want to access from the event engine. These are
# defined in init-bare.zeek.
type info_t: record;
type fattr_t: record;
type sattr_t: record;
type symlinkdata_t: record;
type diropargs_t: record;
type symlinkargs_t: record;
type sattrargs_t: record;
type linkargs_t: record;
type renameopargs_t: record;
type sattr_reply_t: record;
type lookup_reply_t: record;
type readargs_t: record;
type read_reply_t: record;
type readlink_reply_t: record;
type link_reply_t: record;
type writeargs_t: record;
type wcc_attr_t: record;
type write_reply_t: record;
type newobj_reply_t: record;
type delobj_reply_t: record;
type renameobj_reply_t: record;
type readdirargs_t: record;
type direntry_t: record;
type direntry_vec_t: vector;
type readdir_reply_t: record;

type fsstat_t: record;


module GLOBAL;

type ModbusHeaders: record;
type ModbusCoils: vector;
type ModbusRegisters: vector;

type PE::DOSHeader: record;
type PE::FileHeader: record;
type PE::OptionalHeader: record;
type PE::SectionHeader: record;

module Tunnel;
enum Type %{
	NONE,
	IP,
	AYIYA,
	TEREDO,
	SOCKS,
	GTPv1,
	HTTP,
	GRE,
	VXLAN,
%}

type EncapsulatingConn: record;

module GLOBAL;

enum link_encap %{
	LINK_ETHERNET,
	LINK_UNKNOWN,
%}

enum layer3_proto %{
	L3_IPV4,
	L3_IPV6,
	L3_ARP,
	L3_UNKNOWN,
%}

type gtpv1_hdr: record;
type gtp_create_pdp_ctx_request_elements: record;
type gtp_create_pdp_ctx_response_elements: record;
type gtp_update_pdp_ctx_request_elements: record;
type gtp_update_pdp_ctx_response_elements: record;
type gtp_delete_pdp_ctx_request_elements: record;
type gtp_delete_pdp_ctx_response_elements: record;

type gtp_end_user_addr: record;
type gtp_rai: record;
type gtp_qos_profile: record;
type gtp_private_extension: record;
type gtp_gsn_addr: record;

enum TableChange %{
	TABLE_ELEMENT_NEW,
	TABLE_ELEMENT_CHANGED,
	TABLE_ELEMENT_REMOVED,
	TABLE_ELEMENT_EXPIRED,
%}

module Reporter;

enum Level %{
	INFO = 0,
	WARNING = 1,
	ERROR = 2,
%}

module GLOBAL;