Annotation of sys/netinet/ip_esp.h, Revision 1.1
1.1 ! nbrk 1: /* $OpenBSD: ip_esp.h,v 1.40 2004/02/17 12:07:45 markus Exp $ */
! 2: /*
! 3: * The authors of this code are John Ioannidis (ji@tla.org),
! 4: * Angelos D. Keromytis (kermit@csd.uch.gr) and
! 5: * Niels Provos (provos@physnet.uni-hamburg.de).
! 6: *
! 7: * The original version of this code was written by John Ioannidis
! 8: * for BSD/OS in Athens, Greece, in November 1995.
! 9: *
! 10: * Ported to OpenBSD and NetBSD, with additional transforms, in December 1996,
! 11: * by Angelos D. Keromytis.
! 12: *
! 13: * Additional transforms and features in 1997 and 1998 by Angelos D. Keromytis
! 14: * and Niels Provos.
! 15: *
! 16: * Additional features in 1999 by Angelos D. Keromytis.
! 17: *
! 18: * Copyright (C) 1995, 1996, 1997, 1998, 1999 by John Ioannidis,
! 19: * Angelos D. Keromytis and Niels Provos.
! 20: * Copyright (c) 2001 Angelos D. Keromytis.
! 21: *
! 22: * Permission to use, copy, and modify this software with or without fee
! 23: * is hereby granted, provided that this entire notice is included in
! 24: * all copies of any software which is or includes a copy or
! 25: * modification of this software.
! 26: * You may use this code under the GNU public license if you so wish. Please
! 27: * contribute changes back to the authors under this freer than GPL license
! 28: * so that we may further the use of strong encryption without limitations to
! 29: * all.
! 30: *
! 31: * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR
! 32: * IMPLIED WARRANTY. IN PARTICULAR, NONE OF THE AUTHORS MAKES ANY
! 33: * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE
! 34: * MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR
! 35: * PURPOSE.
! 36: */
! 37:
! 38: #ifndef _NETINET_IP_ESP_H_
! 39: #define _NETINET_IP_ESP_H_
! 40:
! 41: #define ESP_ALEN 12 /* 96-bit authenticator */
! 42:
! 43: struct espstat
! 44: {
! 45: u_int32_t esps_hdrops; /* Packet shorter than header shows */
! 46: u_int32_t esps_nopf; /* Protocol family not supported */
! 47: u_int32_t esps_notdb;
! 48: u_int32_t esps_badkcr;
! 49: u_int32_t esps_qfull;
! 50: u_int32_t esps_noxform;
! 51: u_int32_t esps_badilen;
! 52: u_int32_t esps_wrap; /* Replay counter wrapped around */
! 53: u_int32_t esps_badenc; /* Bad encryption detected */
! 54: u_int32_t esps_badauth; /* Only valid for transforms with auth */
! 55: u_int32_t esps_replay; /* Possible packet replay detected */
! 56: u_int32_t esps_input; /* Input ESP packets */
! 57: u_int32_t esps_output; /* Output ESP packets */
! 58: u_int32_t esps_invalid; /* Trying to use an invalid TDB */
! 59: u_int64_t esps_ibytes; /* Input bytes */
! 60: u_int64_t esps_obytes; /* Output bytes */
! 61: u_int32_t esps_toobig; /* Packet got larger than IP_MAXPACKET */
! 62: u_int32_t esps_pdrops; /* Packet blocked due to policy */
! 63: u_int32_t esps_crypto; /* Crypto processing failure */
! 64: u_int32_t esps_udpencin; /* Input ESP-in-UDP packets */
! 65: u_int32_t esps_udpencout; /* Output ESP-in-UDP packets */
! 66: u_int32_t esps_udpinval; /* Invalid input ESP-in-UDP packets */
! 67: };
! 68:
! 69: /*
! 70: * Names for ESP sysctl objects
! 71: */
! 72: #define ESPCTL_ENABLE 1 /* Enable ESP processing */
! 73: #define ESPCTL_UDPENCAP_ENABLE 2 /* Enable ESP over UDP */
! 74: #define ESPCTL_UDPENCAP_PORT 3 /* UDP port for encapsulation */
! 75: #define ESPCTL_MAXID 4
! 76:
! 77: #define ESPCTL_NAMES { \
! 78: { 0, 0 }, \
! 79: { "enable", CTLTYPE_INT }, \
! 80: { "udpencap", CTLTYPE_INT }, \
! 81: { "udpencap_port", CTLTYPE_INT }, \
! 82: }
! 83:
! 84: #define ESPCTL_VARS { \
! 85: NULL, \
! 86: &esp_enable, \
! 87: &udpencap_enable, \
! 88: &udpencap_port, \
! 89: }
! 90:
! 91: #ifdef _KERNEL
! 92: extern int esp_enable;
! 93: extern int udpencap_enable;
! 94: extern int udpencap_port;
! 95: extern struct espstat espstat;
! 96: #endif /* _KERNEL */
! 97: #endif /* _NETINET_IP_ESP_H_ */
CVSweb