src/sys/netipsec/esp_var.h - view

Return to esp_var.h CVS log

Up to [cvs.NetBSD.org] / src / sys / netipsec

File: [cvs.NetBSD.org] / src / sys / netipsec / esp_var.h (download)

Revision 1.3, Sat Dec 10 23:44:08 2005 UTC (18 years, 4 months ago) by elad
Branch: MAIN
CVS Tags: yamt-x86pmap-base4, yamt-x86pmap-base3, yamt-x86pmap-base2, yamt-x86pmap-base, yamt-x86pmap, yamt-uio_vmspace-base5, yamt-uio_vmspace, yamt-splraiseipl-base5, yamt-splraiseipl-base4, yamt-splraiseipl-base3, yamt-splraiseipl-base2, yamt-splraiseipl-base, yamt-splraiseipl, yamt-pf42-baseX, yamt-pf42-base, yamt-pdpolicy-base9, yamt-pdpolicy-base8, yamt-pdpolicy-base7, yamt-pdpolicy-base6, yamt-pdpolicy-base5, yamt-pdpolicy-base4, yamt-pdpolicy-base3, yamt-pdpolicy-base2, yamt-pdpolicy-base, yamt-pdpolicy, yamt-lazymbuf-base15, yamt-lazymbuf-base14, yamt-kmem-base3, yamt-kmem-base2, yamt-kmem-base, yamt-kmem, yamt-idlelwp-base8, yamt-idlelwp, wrstuden-fixsa-newbase, wrstuden-fixsa-base-1, wrstuden-fixsa-base, wrstuden-fixsa, vmlocking2-base3, vmlocking2-base2, vmlocking2-base1, vmlocking2, vmlocking-nbase, vmlocking-base, vmlocking, thorpej-atomic-base, thorpej-atomic, simonb-timecounters-base, simonb-timecounters, simonb-timcounters-final, rpaulo-netinet-merge-pcb-base, rpaulo-netinet-merge-pcb, reinoud-bufcleanup-nbase, reinoud-bufcleanup-base, reinoud-bufcleanup, post-newlock2-merge, peter-altq-base, peter-altq, nick-net80211-sync-base, nick-net80211-sync, nick-csl-alignment-base5, nick-csl-alignment-base, nick-csl-alignment, newlock2-nbase, newlock2-base, newlock2, netbsd-4-base, netbsd-4-0-RELEASE, netbsd-4-0-RC5, netbsd-4-0-RC4, netbsd-4-0-RC3, netbsd-4-0-RC2, netbsd-4-0-RC1, netbsd-4-0-1-RELEASE, netbsd-4-0, netbsd-4, mjf-ufs-trans-base, mjf-ufs-trans, mjf-devfs-base, mjf-devfs, matt-nb4-arm-base, matt-nb4-arm, matt-mips64-base, matt-mips64, matt-armv6-prevmlocking, matt-armv6-nbase, matt-armv6-base, matt-armv6, ktrace-lwp-base, keiichi-mipv6-nbase, keiichi-mipv6-base, keiichi-mipv6, jmcneill-pm-base, jmcneill-pm, jmcneill-base, hpcarm-cleanup-base, hpcarm-cleanup, gdamore-uart-base, gdamore-uart, elad-kernelauth-base, elad-kernelauth, cube-autoconf-base, cube-autoconf, chap-midi-nbase, chap-midi-base, chap-midi, bouyer-xeni386-nbase, bouyer-xeni386-merge1, bouyer-xeni386-base, bouyer-xeni386, bouyer-xenamd64-base2, bouyer-xenamd64-base, bouyer-xenamd64, ad-socklock-base1, ad-audiomp-base, ad-audiomp, abandoned-netbsd-4-base, abandoned-netbsd-4
Branch point for: yamt-pf42, mjf-devfs2
Changes since 1.2: +2 -2 lines

Multiple inclusion protection, as suggested by christos@ on tech-kern@
few days ago.

/*	$NetBSD: esp_var.h,v 1.3 2005/12/10 23:44:08 elad Exp $	*/
/*	$FreeBSD: src/sys/netipsec/esp_var.h,v 1.1.4.1 2003/01/24 05:11:35 sam Exp $	*/
/*	$OpenBSD: ip_esp.h,v 1.37 2002/06/09 16:26:10 itojun Exp $	*/
/*
 * The authors of this code are John Ioannidis (ji@tla.org),
 * Angelos D. Keromytis (kermit@csd.uch.gr) and
 * Niels Provos (provos@physnet.uni-hamburg.de).
 *
 * The original version of this code was written by John Ioannidis
 * for BSD/OS in Athens, Greece, in November 1995.
 *
 * Ported to OpenBSD and NetBSD, with additional transforms, in December 1996,
 * by Angelos D. Keromytis.
 *
 * Additional transforms and features in 1997 and 1998 by Angelos D. Keromytis
 * and Niels Provos.
 *
 * Additional features in 1999 by Angelos D. Keromytis.
 *
 * Copyright (C) 1995, 1996, 1997, 1998, 1999 by John Ioannidis,
 * Angelos D. Keromytis and Niels Provos.
 * Copyright (c) 2001 Angelos D. Keromytis.
 *
 * Permission to use, copy, and modify this software with or without fee
 * is hereby granted, provided that this entire notice is included in
 * all copies of any software which is or includes a copy or
 * modification of this software.
 * You may use this code under the GNU public license if you so wish. Please
 * contribute changes back to the authors under this freer than GPL license
 * so that we may further the use of strong encryption without limitations to
 * all.
 *
 * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR
 * IMPLIED WARRANTY. IN PARTICULAR, NONE OF THE AUTHORS MAKES ANY
 * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE
 * MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR
 * PURPOSE.
 */

#ifndef _NETIPSEC_ESP_VAR_H_
#define _NETIPSEC_ESP_VAR_H_

/*
 * These define the algorithm indices into the histogram.  They're
 * presently based on the PF_KEY v2 protocol values which is bogus;
 * they should be decoupled from the protocol at which time we can
 * pack them and reduce the size of the array to a reasonable value.
 */
#define	ESP_ALG_MAX	256		/* NB: could be < but skipjack is 249 */

struct espstat {
	u_int64_t	esps_hdrops;	/* Packet shorter than header shows */
	u_int64_t	esps_nopf;	/* Protocol family not supported */
	u_int64_t	esps_notdb;
	u_int64_t	esps_badkcr;
	u_int64_t	esps_qfull;
	u_int64_t	esps_noxform;
	u_int64_t	esps_badilen;
	u_int64_t	esps_wrap;	/* Replay counter wrapped around */
	u_int64_t	esps_badenc;	/* Bad encryption detected */
	u_int64_t	esps_badauth;	/* Only valid for transforms with auth */
	u_int64_t	esps_replay;	/* Possible packet replay detected */
	u_int64_t	esps_input;	/* Input ESP packets */
	u_int64_t	esps_output;	/* Output ESP packets */
	u_int64_t	esps_invalid;	/* Trying to use an invalid TDB */
	u_int64_t	esps_ibytes;	/* Input bytes */
	u_int64_t	esps_obytes;	/* Output bytes */
	u_int64_t	esps_toobig;	/* Packet got larger than IP_MAXPACKET */
	u_int64_t	esps_pdrops;	/* Packet blocked due to policy */
	u_int64_t	esps_crypto;	/* Crypto processing failure */
	u_int64_t	esps_tunnel;	/* Tunnel sanity check failure */
	u_int64_t	esps_hist[ESP_ALG_MAX];	/* Per-algorithm op count */
};

#ifdef _KERNEL
extern	int esp_enable;
extern	struct espstat espstat;
#endif /* _KERNEL */
#endif /* !_NETIPSEC_ESP_VAR_H_ */