3
* Copyright (C) 1996, 1997 John Ioannidis.
4
* Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003 Richard Guy Briggs.
6
* This program is free software; you can redistribute it and/or modify it
7
* under the terms of the GNU General Public License as published by the
8
* Free Software Foundation; either version 2 of the License, or (at your
9
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
11
* This program is distributed in the hope that it will be useful, but
12
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
16
* RCSID $Id: ipsec_xmit.h,v 1.7 2004/02/03 03:11:40 mcr Exp $
19
#include "freeswan/ipsec_sa.h"
26
IPSEC_XMIT_ERRMEMALLOC=-1,
27
IPSEC_XMIT_ESP_BADALG=-2,
28
IPSEC_XMIT_BADPROTO=-3,
29
IPSEC_XMIT_ESP_PUSHPULLERR=-4,
31
IPSEC_XMIT_AH_BADALG=-6,
32
IPSEC_XMIT_SAIDNOTFOUND=-7,
33
IPSEC_XMIT_SAIDNOTLIVE=-8,
34
IPSEC_XMIT_REPLAYROLLED=-9,
35
IPSEC_XMIT_LIFETIMEFAILED=-10,
36
IPSEC_XMIT_CANNOTFRAG=-11,
37
IPSEC_XMIT_MSSERR=-12,
38
IPSEC_XMIT_ERRSKBALLOC=-13,
39
IPSEC_XMIT_ENCAPFAIL=-14,
41
IPSEC_XMIT_NOPRIVDEV=-16,
42
IPSEC_XMIT_NOPHYSDEV=-17,
44
IPSEC_XMIT_NOIPV6=-19,
45
IPSEC_XMIT_NOIPOPTIONS=-20,
46
IPSEC_XMIT_TTLEXPIRED=-21,
47
IPSEC_XMIT_BADHHLEN=-22,
48
IPSEC_XMIT_PUSHPULLERR=-23,
49
IPSEC_XMIT_ROUTEERR=-24,
50
IPSEC_XMIT_RECURSDETECT=-25,
51
IPSEC_XMIT_IPSENDFAILURE=-26,
52
IPSEC_XMIT_ESPUDP=-27,
53
IPSEC_XMIT_ESPUDP_BADTYPE=-28,
56
struct ipsec_xmit_state
58
struct sk_buff *skb; /* working skb pointer */
59
struct device *dev; /* working dev pointer */
60
struct ipsecpriv *prv; /* Our device' private space */
61
struct sk_buff *oskb; /* Original skb pointer */
62
struct net_device_stats *stats; /* This device's statistics */
63
struct iphdr *iph; /* Our new IP header */
64
__u32 newdst; /* The other SG's IP address */
65
__u32 orgdst; /* Original IP destination address */
66
__u32 orgedst; /* 1st SG's IP address */
67
__u32 newsrc; /* The new source SG's IP address */
68
__u32 orgsrc; /* Original IP source address */
69
__u32 innersrc; /* Innermost IP source address */
70
int iphlen; /* IP header length */
71
int pyldsz; /* upper protocol payload size */
75
int max_headroom; /* The extra header space needed */
76
int max_tailroom; /* The extra stuffing needed */
77
int ll_headroom; /* The extra link layer hard_header space needed */
78
int tot_headroom; /* The total header space needed */
79
int tot_tailroom; /* The totalstuffing needed */
80
__u8 *saved_header; /* saved copy of the hard header */
81
unsigned short sport, dport;
83
struct sockaddr_encap matcher; /* eroute search key */
84
struct eroute *eroute;
85
struct ipsec_sa *ipsp, *ipsq; /* ipsec_sa pointers */
86
char sa_txt[SATOT_BUF];
88
int hard_header_stripped; /* has the hard header been removed yet? */
90
struct device *physdev;
91
/* struct device *virtdev; */
97
ip_said outgoing_said;
104
#ifdef CONFIG_IPSEC_NAT_TRAVERSAL
112
enum ipsec_xmit_value
113
ipsec_xmit_sanity_check_dev(struct ipsec_xmit_state *ixs);
115
enum ipsec_xmit_value
116
ipsec_xmit_sanity_check_skb(struct ipsec_xmit_state *ixs);
118
enum ipsec_xmit_value
119
ipsec_xmit_encap_bundle(struct ipsec_xmit_state *ixs);
121
extern void ipsec_extract_ports(struct iphdr * iph, struct sockaddr_encap * er);
124
extern int ipsec_xmit_trap_count;
125
extern int ipsec_xmit_trap_sendcount;
127
#ifdef CONFIG_IPSEC_DEBUG
128
extern int debug_tunnel;
129
extern int sysctl_ipsec_debug_verbose;
130
#endif /* CONFIG_IPSEC_DEBUG */
132
#define debug_xmit debug_tunnel
134
#define ipsec_xmit_dmp(_x,_y, _z) if (debug_xmit && sysctl_ipsec_debug_verbose) ipsec_dmp(_x,_y,_z)
136
extern int sysctl_ipsec_icmp;
137
extern int sysctl_ipsec_tos;
141
* $Log: ipsec_xmit.h,v $
142
* Revision 1.7 2004/02/03 03:11:40 mcr
143
* new xmit type if the UDP encapsulation is wrong.
145
* Revision 1.6 2003/12/13 19:10:16 mcr
146
* refactored rcv and xmit code - same as FS 2.05.
148
* Revision 1.5 2003/12/10 01:20:06 mcr
149
* NAT-traversal patches to KLIPS.
151
* Revision 1.4 2003/12/06 16:37:04 mcr
152
* 1.4.7a X.509 patch applied.
154
* Revision 1.3 2003/10/31 02:27:05 mcr
155
* pulled up port-selector patches and sa_id elimination.
157
* Revision 1.2.4.2 2003/10/29 01:10:19 mcr
158
* elimited "struct sa_id"
160
* Revision 1.2.4.1 2003/09/21 13:59:38 mcr
161
* pre-liminary X.509 patch - does not yet pass tests.
163
* Revision 1.2 2003/06/20 01:42:13 mcr
164
* added counters to measure how many ACQUIREs we send to pluto,
165
* and how many are successfully sent.
167
* Revision 1.1 2003/02/12 19:31:03 rgb
168
* Refactored from ipsec_tunnel.c