Now available: The Design and Implementation of the FreeBSD Operating System (Second Edition)
[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]
FreeBSD/Linux Kernel Cross Reference
sys/net/if_pfsync.h
Version:
- FREEBSD - FREEBSD-13-STABLE - FREEBSD-13-0 - FREEBSD-12-STABLE - FREEBSD-12-0 - FREEBSD-11-STABLE - FREEBSD-11-0 - FREEBSD-10-STABLE - FREEBSD-10-0 - FREEBSD-9-STABLE - FREEBSD-9-0 - FREEBSD-8-STABLE - FREEBSD-8-0 - FREEBSD-7-STABLE - FREEBSD-7-0 - FREEBSD-6-STABLE - FREEBSD-6-0 - FREEBSD-5-STABLE - FREEBSD-5-0 - FREEBSD-4-STABLE - FREEBSD-3-STABLE - FREEBSD22 - l41 - OPENBSD - linux-2.6 - MK84 - PLAN9 - xnu-8792
SearchContext: - none - 3 - 10
SearchContext: - none - 3 - 10
1 /*- 2 * SPDX-License-Identifier: BSD-2-Clause-FreeBSD 3 * 4 * Copyright (c) 2001 Michael Shalayeff 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 17 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 18 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 19 * IN NO EVENT SHALL THE AUTHOR OR HIS RELATIVES BE LIABLE FOR ANY DIRECT, 20 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 21 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 22 * SERVICES; LOSS OF MIND, USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 24 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING 25 * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF 26 * THE POSSIBILITY OF SUCH DAMAGE. 27 */ 28 29 /*- 30 * Copyright (c) 2008 David Gwynne <dlg@openbsd.org> 31 * 32 * Permission to use, copy, modify, and distribute this software for any 33 * purpose with or without fee is hereby granted, provided that the above 34 * copyright notice and this permission notice appear in all copies. 35 * 36 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 37 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 38 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 39 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 40 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 41 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 42 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 43 */ 44 45 /* 46 * $OpenBSD: if_pfsync.h,v 1.35 2008/06/29 08:42:15 mcbride Exp $ 47 * $FreeBSD$ 48 */ 49 50 51 #ifndef _NET_IF_PFSYNC_H_ 52 #define _NET_IF_PFSYNC_H_ 53 54 #define PFSYNC_VERSION 5 55 #define PFSYNC_DFLTTL 255 56 57 #define PFSYNC_ACT_CLR 0 /* clear all states */ 58 #define PFSYNC_ACT_INS 1 /* insert state */ 59 #define PFSYNC_ACT_INS_ACK 2 /* ack of insterted state */ 60 #define PFSYNC_ACT_UPD 3 /* update state */ 61 #define PFSYNC_ACT_UPD_C 4 /* "compressed" update state */ 62 #define PFSYNC_ACT_UPD_REQ 5 /* request "uncompressed" state */ 63 #define PFSYNC_ACT_DEL 6 /* delete state */ 64 #define PFSYNC_ACT_DEL_C 7 /* "compressed" delete state */ 65 #define PFSYNC_ACT_INS_F 8 /* insert fragment */ 66 #define PFSYNC_ACT_DEL_F 9 /* delete fragments */ 67 #define PFSYNC_ACT_BUS 10 /* bulk update status */ 68 #define PFSYNC_ACT_TDB 11 /* TDB replay counter update */ 69 #define PFSYNC_ACT_EOF 12 /* end of frame */ 70 #define PFSYNC_ACT_MAX 13 71 72 /* 73 * A pfsync frame is built from a header followed by several sections which 74 * are all prefixed with their own subheaders. Frames must be terminated with 75 * an EOF subheader. 76 * 77 * | ... | 78 * | IP header | 79 * +============================+ 80 * | pfsync_header | 81 * +----------------------------+ 82 * | pfsync_subheader | 83 * +----------------------------+ 84 * | first action fields | 85 * | ... | 86 * +----------------------------+ 87 * | pfsync_subheader | 88 * +----------------------------+ 89 * | second action fields | 90 * | ... | 91 * +----------------------------+ 92 * | EOF pfsync_subheader | 93 * +----------------------------+ 94 * | HMAC | 95 * +============================+ 96 */ 97 98 /* 99 * Frame header 100 */ 101 102 struct pfsync_header { 103 u_int8_t version; 104 u_int8_t _pad; 105 u_int16_t len; 106 u_int8_t pfcksum[PF_MD5_DIGEST_LENGTH]; 107 } __packed; 108 109 /* 110 * Frame region subheader 111 */ 112 113 struct pfsync_subheader { 114 u_int8_t action; 115 u_int8_t _pad; 116 u_int16_t count; 117 } __packed; 118 119 /* 120 * CLR 121 */ 122 123 struct pfsync_clr { 124 char ifname[IFNAMSIZ]; 125 u_int32_t creatorid; 126 } __packed; 127 128 /* 129 * INS, UPD, DEL 130 */ 131 132 /* these use struct pfsync_state in pfvar.h */ 133 134 /* 135 * INS_ACK 136 */ 137 138 struct pfsync_ins_ack { 139 u_int64_t id; 140 u_int32_t creatorid; 141 } __packed; 142 143 /* 144 * UPD_C 145 */ 146 147 struct pfsync_upd_c { 148 u_int64_t id; 149 struct pfsync_state_peer src; 150 struct pfsync_state_peer dst; 151 u_int32_t creatorid; 152 u_int32_t expire; 153 u_int8_t timeout; 154 u_int8_t _pad[3]; 155 } __packed; 156 157 /* 158 * UPD_REQ 159 */ 160 161 struct pfsync_upd_req { 162 u_int64_t id; 163 u_int32_t creatorid; 164 } __packed; 165 166 /* 167 * DEL_C 168 */ 169 170 struct pfsync_del_c { 171 u_int64_t id; 172 u_int32_t creatorid; 173 } __packed; 174 175 /* 176 * INS_F, DEL_F 177 */ 178 179 /* not implemented (yet) */ 180 181 /* 182 * BUS 183 */ 184 185 struct pfsync_bus { 186 u_int32_t creatorid; 187 u_int32_t endtime; 188 u_int8_t status; 189 #define PFSYNC_BUS_START 1 190 #define PFSYNC_BUS_END 2 191 u_int8_t _pad[3]; 192 } __packed; 193 194 /* 195 * TDB 196 */ 197 198 struct pfsync_tdb { 199 u_int32_t spi; 200 union sockaddr_union dst; 201 u_int32_t rpl; 202 u_int64_t cur_bytes; 203 u_int8_t sproto; 204 u_int8_t updates; 205 u_int8_t _pad[2]; 206 } __packed; 207 208 #define PFSYNC_HDRLEN sizeof(struct pfsync_header) 209 210 struct pfsyncstats { 211 u_int64_t pfsyncs_ipackets; /* total input packets, IPv4 */ 212 u_int64_t pfsyncs_ipackets6; /* total input packets, IPv6 */ 213 u_int64_t pfsyncs_badif; /* not the right interface */ 214 u_int64_t pfsyncs_badttl; /* TTL is not PFSYNC_DFLTTL */ 215 u_int64_t pfsyncs_hdrops; /* packets shorter than hdr */ 216 u_int64_t pfsyncs_badver; /* bad (incl unsupp) version */ 217 u_int64_t pfsyncs_badact; /* bad action */ 218 u_int64_t pfsyncs_badlen; /* data length does not match */ 219 u_int64_t pfsyncs_badauth; /* bad authentication */ 220 u_int64_t pfsyncs_stale; /* stale state */ 221 u_int64_t pfsyncs_badval; /* bad values */ 222 u_int64_t pfsyncs_badstate; /* insert/lookup failed */ 223 224 u_int64_t pfsyncs_opackets; /* total output packets, IPv4 */ 225 u_int64_t pfsyncs_opackets6; /* total output packets, IPv6 */ 226 u_int64_t pfsyncs_onomem; /* no memory for an mbuf */ 227 u_int64_t pfsyncs_oerrors; /* ip output error */ 228 229 u_int64_t pfsyncs_iacts[PFSYNC_ACT_MAX]; 230 u_int64_t pfsyncs_oacts[PFSYNC_ACT_MAX]; 231 }; 232 233 /* 234 * Configuration structure for SIOCSETPFSYNC SIOCGETPFSYNC 235 */ 236 struct pfsyncreq { 237 char pfsyncr_syncdev[IFNAMSIZ]; 238 struct in_addr pfsyncr_syncpeer; 239 int pfsyncr_maxupdates; 240 #define PFSYNCF_OK 0x00000001 241 #define PFSYNCF_DEFER 0x00000002 242 int pfsyncr_defer; 243 }; 244 245 #define SIOCSETPFSYNC _IOW('i', 247, struct ifreq) 246 #define SIOCGETPFSYNC _IOWR('i', 248, struct ifreq) 247 248 #ifdef _KERNEL 249 250 /* 251 * this shows where a pf state is with respect to the syncing. 252 */ 253 #define PFSYNC_S_INS 0x00 254 #define PFSYNC_S_IACK 0x01 255 #define PFSYNC_S_UPD 0x02 256 #define PFSYNC_S_UPD_C 0x03 257 #define PFSYNC_S_DEL 0x04 258 #define PFSYNC_S_COUNT 0x05 259 260 #define PFSYNC_S_DEFER 0xfe 261 #define PFSYNC_S_NONE 0xff 262 263 #define PFSYNC_SI_IOCTL 0x01 264 #define PFSYNC_SI_CKSUM 0x02 265 #define PFSYNC_SI_ACK 0x04 266 267 #endif /* _KERNEL */ 268 269 #endif /* _NET_IF_PFSYNC_H_ */
Cache object: 48debeb44f87dc3822e3020b48cba792
[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]