3
* Copyright (C) 1996, 1997 John Ioannidis.
4
* Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003 Richard Guy Briggs.
6
* This program is free software; you can redistribute it and/or modify it
7
* under the terms of the GNU General Public License as published by the
8
* Free Software Foundation; either version 2 of the License, or (at your
9
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
11
* This program is distributed in the hope that it will be useful, but
12
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
16
* RCSID $Id: ipsec_xmit.h,v 1.12 2004/08/20 21:45:37 mcr Exp $
19
#include "openswan/ipsec_sa.h"
26
IPSEC_XMIT_ERRMEMALLOC=-1,
27
IPSEC_XMIT_ESP_BADALG=-2,
28
IPSEC_XMIT_BADPROTO=-3,
29
IPSEC_XMIT_ESP_PUSHPULLERR=-4,
31
IPSEC_XMIT_AH_BADALG=-6,
32
IPSEC_XMIT_SAIDNOTFOUND=-7,
33
IPSEC_XMIT_SAIDNOTLIVE=-8,
34
IPSEC_XMIT_REPLAYROLLED=-9,
35
IPSEC_XMIT_LIFETIMEFAILED=-10,
36
IPSEC_XMIT_CANNOTFRAG=-11,
37
IPSEC_XMIT_MSSERR=-12,
38
IPSEC_XMIT_ERRSKBALLOC=-13,
39
IPSEC_XMIT_ENCAPFAIL=-14,
41
IPSEC_XMIT_NOPRIVDEV=-16,
42
IPSEC_XMIT_NOPHYSDEV=-17,
44
IPSEC_XMIT_NOIPV6=-19,
45
IPSEC_XMIT_NOIPOPTIONS=-20,
46
IPSEC_XMIT_TTLEXPIRED=-21,
47
IPSEC_XMIT_BADHHLEN=-22,
48
IPSEC_XMIT_PUSHPULLERR=-23,
49
IPSEC_XMIT_ROUTEERR=-24,
50
IPSEC_XMIT_RECURSDETECT=-25,
51
IPSEC_XMIT_IPSENDFAILURE=-26,
52
IPSEC_XMIT_ESPUDP=-27,
53
IPSEC_XMIT_ESPUDP_BADTYPE=-28,
56
struct ipsec_xmit_state
58
struct sk_buff *skb; /* working skb pointer */
59
struct net_device *dev; /* working dev pointer */
60
struct ipsecpriv *prv; /* Our device' private space */
61
struct sk_buff *oskb; /* Original skb pointer */
62
struct net_device_stats *stats; /* This device's statistics */
63
struct iphdr *iph; /* Our new IP header */
64
__u32 newdst; /* The other SG's IP address */
65
__u32 orgdst; /* Original IP destination address */
66
__u32 orgedst; /* 1st SG's IP address */
67
__u32 newsrc; /* The new source SG's IP address */
68
__u32 orgsrc; /* Original IP source address */
69
__u32 innersrc; /* Innermost IP source address */
70
int iphlen; /* IP header length */
71
int pyldsz; /* upper protocol payload size */
75
int max_headroom; /* The extra header space needed */
76
int max_tailroom; /* The extra stuffing needed */
77
int ll_headroom; /* The extra link layer hard_header space needed */
78
int tot_headroom; /* The total header space needed */
79
int tot_tailroom; /* The totalstuffing needed */
80
__u8 *saved_header; /* saved copy of the hard header */
81
unsigned short sport, dport;
83
struct sockaddr_encap matcher; /* eroute search key */
84
struct eroute *eroute;
85
struct ipsec_sa *ipsp, *ipsq; /* ipsec_sa pointers */
86
char sa_txt[SATOT_BUF];
88
int hard_header_stripped; /* has the hard header been removed yet? */
90
struct net_device *physdev;
91
/* struct device *virtdev; */
97
ip_said outgoing_said;
104
#ifdef CONFIG_IPSEC_NAT_TRAVERSAL
112
enum ipsec_xmit_value
113
ipsec_xmit_sanity_check_dev(struct ipsec_xmit_state *ixs);
115
enum ipsec_xmit_value
116
ipsec_xmit_sanity_check_skb(struct ipsec_xmit_state *ixs);
118
enum ipsec_xmit_value
119
ipsec_xmit_encap_bundle(struct ipsec_xmit_state *ixs);
121
extern void ipsec_extract_ports(struct iphdr * iph, struct sockaddr_encap * er);
124
extern int ipsec_xmit_trap_count;
125
extern int ipsec_xmit_trap_sendcount;
127
#ifdef CONFIG_KLIPS_DEBUG
128
extern int debug_tunnel;
129
extern int sysctl_ipsec_debug_verbose;
130
#endif /* CONFIG_KLIPS_DEBUG */
132
#define debug_xmit debug_tunnel
134
#define ipsec_xmit_dmp(_x,_y, _z) if (debug_xmit && sysctl_ipsec_debug_verbose) ipsec_dmp(_x,_y,_z)
136
extern int sysctl_ipsec_icmp;
137
extern int sysctl_ipsec_tos;
141
* $Log: ipsec_xmit.h,v $
142
* Revision 1.12 2004/08/20 21:45:37 mcr
143
* CONFIG_KLIPS_NAT_TRAVERSAL is not used in an attempt to
144
* be 26sec compatible. But, some defines where changed.
146
* Revision 1.11 2004/08/03 18:18:21 mcr
147
* in 2.6, use "net_device" instead of #define device->net_device.
148
* this probably breaks 2.0 compiles.
150
* Revision 1.10 2004/07/10 19:08:41 mcr
151
* CONFIG_IPSEC -> CONFIG_KLIPS.
153
* Revision 1.9 2004/04/06 02:49:08 mcr
154
* pullup of algo code from alg-branch.
156
* Revision 1.8 2004/04/05 19:55:07 mcr
157
* Moved from linux/include/freeswan/ipsec_xmit.h,v
159
* Revision 1.7 2004/02/03 03:11:40 mcr
160
* new xmit type if the UDP encapsulation is wrong.
162
* Revision 1.6 2003/12/13 19:10:16 mcr
163
* refactored rcv and xmit code - same as FS 2.05.
165
* Revision 1.5 2003/12/10 01:20:06 mcr
166
* NAT-traversal patches to KLIPS.
168
* Revision 1.4 2003/12/06 16:37:04 mcr
169
* 1.4.7a X.509 patch applied.
171
* Revision 1.3 2003/10/31 02:27:05 mcr
172
* pulled up port-selector patches and sa_id elimination.
174
* Revision 1.2.4.2 2003/10/29 01:10:19 mcr
175
* elimited "struct sa_id"
177
* Revision 1.2.4.1 2003/09/21 13:59:38 mcr
178
* pre-liminary X.509 patch - does not yet pass tests.
180
* Revision 1.2 2003/06/20 01:42:13 mcr
181
* added counters to measure how many ACQUIREs we send to pluto,
182
* and how many are successfully sent.
184
* Revision 1.1 2003/02/12 19:31:03 rgb
185
* Refactored from ipsec_tunnel.c