/* $NetBSD: ip.h,v 1.34 2012/11/02 21:07:07 christos Exp $ */
/*
* Copyright (c) 1982, 1986, 1993
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* @(#)ip.h 8.2 (Berkeley) 6/1/94
*/
#ifndef _NETINET_IP_H_
#define _NETINET_IP_H_
#include <netinet/in_systm.h> /* for n_time */
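/*
 * Definitions for internet protocol version 4.
 * Per RFC 791, September 1981.
 */
#define	IPVERSION	4	/* IPv4 version number (value carried in ip_v) */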
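/*
 * Structure of an internet header, naked of options.
 *
 * Only the fixed part of the header is described here.  ip_hl and ip_len
 * are values taken from the packet itself, so code that parses received
 * data should check both against the number of bytes actually available
 * before using them to locate options or payload.  Per RFC 791, ip_hl
 * counts 32-bit words and is at least 5 for a header without options.
 */
struct ip {
	/*
	 * RFC 791 puts the version in the high-order four bits of the first
	 * header byte and the header length in the low-order four; which of
	 * the two declaration orders below is used depends on BYTE_ORDER.
	 */
#if BYTE_ORDER == LITTLE_ENDIAN
	unsigned int ip_hl:4,		/* header length */
		     ip_v:4;		/* version */
#endif
#if BYTE_ORDER == BIG_ENDIAN
	unsigned int ip_v:4,		/* version */
		     ip_hl:4;		/* header length */
#endif
	u_int8_t  ip_tos;		/* type of service */
	u_int16_t ip_len;		/* total length */
	u_int16_t ip_id;		/* identification */
	u_int16_t ip_off;		/* fragment offset field */
	/*
	 * Flag bits and offset mask for ip_off.
	 * NOTE(review): the masks presumably apply to the host-order value
	 * of ip_off -- confirm at each call site.
	 */
#define	IP_RF 0x8000			/* reserved fragment flag */
#define	IP_EF 0x8000			/* evil flag, per RFC 3514 (same bit as IP_RF) */
#define	IP_DF 0x4000			/* don't fragment flag */
#define	IP_MF 0x2000			/* more fragments flag */
#define	IP_OFFMASK 0x1fff		/* mask for fragmenting bits */
	u_int8_t  ip_ttl;		/* time to live */
	u_int8_t  ip_p;			/* protocol */
	u_int16_t ip_sum;		/* checksum */
	struct	  in_addr ip_src, ip_dst; /* source and dest address */
} __packed;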
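#define	IP_MAXPACKET	65535		/* maximum packet size */
#define	IP_MINFRAGSIZE	69		/* minimum size that can be fragmented */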
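/*
 * Definitions for IP type of service (ip_tos)
 */

/*
 * Definitions for DiffServ Codepoints as per RFC2474
 *
 * Each value is given as it appears in ip_tos, i.e. already positioned in
 * the bits covered by IPTOS_DSCP_MASK; the low two bits are zero in every
 * entry.
 */
#define	IPTOS_DSCP_CS0		0x00
#define	IPTOS_DSCP_CS1		0x20
#define	IPTOS_DSCP_AF11		0x28
#define	IPTOS_DSCP_AF12		0x30
#define	IPTOS_DSCP_AF13		0x38
#define	IPTOS_DSCP_CS2		0x40
#define	IPTOS_DSCP_AF21		0x48
#define	IPTOS_DSCP_AF22		0x50
#define	IPTOS_DSCP_AF23		0x58
#define	IPTOS_DSCP_CS3		0x60
#define	IPTOS_DSCP_AF31		0x68
#define	IPTOS_DSCP_AF32		0x70
#define	IPTOS_DSCP_AF33		0x78
#define	IPTOS_DSCP_CS4		0x80
#define	IPTOS_DSCP_AF41		0x88
#define	IPTOS_DSCP_AF42		0x90
#define	IPTOS_DSCP_AF43		0x98
#define	IPTOS_DSCP_CS5		0xa0
#define	IPTOS_DSCP_EF		0xb8
#define	IPTOS_DSCP_CS6		0xc0
#define	IPTOS_DSCP_CS7		0xe0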
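/*
 * Definitions for DiffServ Class Selector Codepoints
 */
#define	IPTOS_CLASS_CS0		0x00
#define	IPTOS_CLASS_CS1		0x20
#define	IPTOS_CLASS_CS2		0x40
#define	IPTOS_CLASS_CS3		0x60
#define	IPTOS_CLASS_CS4		0x80
#define	IPTOS_CLASS_CS5		0xa0
#define	IPTOS_CLASS_CS6		0xc0
#define	IPTOS_CLASS_CS7		0xe0
#define	IPTOS_CLASS_DEFAULT	IPTOS_CLASS_CS0
/* Class selector: the top three bits of the TOS byte. */
#define	IPTOS_CLASS_MASK	0xe0
#define	IPTOS_CLASS(cs)		((cs) & IPTOS_CLASS_MASK)
/* DSCP: the top six bits of the TOS byte; the low two bits are masked off. */
#define	IPTOS_DSCP_MASK		0xfc
#define	IPTOS_DSCP(cp)		((cp) & IPTOS_DSCP_MASK)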
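/*
 * ECN (Explicit Congestion Notification) codepoints in RFC3168
 * mapped to the lower 2 bits of the TOS field.
 *
 * These are two-bit codepoints, not independent flags: compare the result
 * of IPTOS_ECN() for equality instead of testing single bits.
 */
#define	IPTOS_ECN_NOTECT	0x00	/* not-ECT */
#define	IPTOS_ECN_ECT1		0x01	/* ECN-capable transport (1) */
#define	IPTOS_ECN_ECT0		0x02	/* ECN-capable transport (0) */
#define	IPTOS_ECN_CE		0x03	/* congestion experienced */
#define	IPTOS_ECN_MASK		0x03	/* ECN field mask */
#define	IPTOS_ECN(cn)		((cn) & IPTOS_ECN_MASK)
#define	IPTOS_ECN_NOT_ECT	0x00	/* same value as IPTOS_ECN_NOTECT */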
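/*
 * Definitions for IP type of service per RFC1349 (ip_tos)
 * DEPRECATED
 */
#define	IPTOS_LOWDELAY		0x10
#define	IPTOS_THROUGHPUT	0x08
#define	IPTOS_RELIABILITY	0x04
#define	IPTOS_MINCOST		0x02
/*
 * ECN RFC3168 obsoletes RFC2481, and these will be deprecated soon.
 *
 * The old names are single-bit flags and do not line up with the RFC3168
 * codepoints: 0x01 is IPTOS_ECN_ECT1 there and congestion experienced is
 * 0x03, so a test of (tos & IPTOS_CE) is also true for IPTOS_ECN_ECT1.
 * IPTOS_ECT shares its value with IPTOS_MINCOST.
 */
#define	IPTOS_CE		0x01	/* congestion experienced */
#define	IPTOS_ECT		0x02	/* ECN-capable transport */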
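/*
 * Definitions for IP precedence per RFC1195 (also in ip_tos) (hopefully unused)
 *
 * The values occupy the top three bits of the TOS byte and are numerically
 * the same as IPTOS_CLASS_CS7 down to IPTOS_CLASS_CS0.
 */
#define	IPTOS_PREC_NETCONTROL		0xe0
#define	IPTOS_PREC_INTERNETCONTROL	0xc0
#define	IPTOS_PREC_CRITIC_ECP		0xa0
#define	IPTOS_PREC_FLASHOVERRIDE	0x80
#define	IPTOS_PREC_FLASH		0x60
#define	IPTOS_PREC_IMMEDIATE		0x40
#define	IPTOS_PREC_PRIORITY		0x20
#define	IPTOS_PREC_ROUTINE		0x00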
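/*
 * Definitions for options.
 *
 * The option type byte is split into three fields by the macros below:
 * bit 0x80 (copied), bits 0x60 (class) and bits 0x1f (number).
 */
#define	IPOPT_COPIED(o)		((o)&0x80)
#define	IPOPT_CLASS(o)		((o)&0x60)
#define	IPOPT_NUMBER(o)		((o)&0x1f)

/* Values returned by IPOPT_CLASS(). */
#define	IPOPT_CONTROL		0x00
#define	IPOPT_RESERVED1		0x20
#define	IPOPT_DEBMEAS		0x40
#define	IPOPT_RESERVED2		0x60

/* Complete option type bytes (copied bit and class included). */
#define	IPOPT_EOL		0		/* end of option list */
#define	IPOPT_NOP		1		/* no operation */

#define	IPOPT_RR		7		/* record packet route */
#define	IPOPT_TS		68		/* timestamp */
#define	IPOPT_SECURITY		130		/* provide s,c,h,tcc */
#define	IPOPT_LSRR		131		/* loose source route */
#define	IPOPT_SATID		136		/* satnet id */
#define	IPOPT_SSRR		137		/* strict source route */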
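/*
 * Offsets to fields in options other than EOL and NOP.
 *
 * The bytes at IPOPT_OLEN and IPOPT_OFFSET are supplied by the sender of
 * the packet; a parser should check the length byte against the option
 * space that remains, and the offset byte against that length, before
 * indexing with either.
 */
#define	IPOPT_OPTVAL		0		/* option ID */
#define	IPOPT_OLEN		1		/* option length */
#define	IPOPT_OFFSET		2		/* offset within option */
#define	IPOPT_MINOFF		4		/* min value of above */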
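/*
 * Time stamp option structure.
 *
 * Both arrays in the union are declared with a single element although
 * ipt_len is documented as variable; presumably further entries are
 * reached by indexing past the first one.  ipt_len and ipt_ptr come from
 * the option as received, so any such access needs to be bounded by a
 * validated ipt_len.
 */
struct ip_timestamp {
	u_int8_t ipt_code;		/* IPOPT_TS */
	u_int8_t ipt_len;		/* size of structure (variable) */
	u_int8_t ipt_ptr;		/* index of current entry */
	/* Flags and overflow counter share one byte; order depends on BYTE_ORDER. */
#if BYTE_ORDER == LITTLE_ENDIAN
	unsigned int ipt_flg:4,		/* flags, see below */
		     ipt_oflw:4;	/* overflow counter */
#endif
#if BYTE_ORDER == BIG_ENDIAN
	unsigned int ipt_oflw:4,	/* overflow counter */
		     ipt_flg:4;		/* flags, see below */
#endif
	union ipt_timestamp {
		n_time	ipt_time[1];	/* timestamps only */
		struct	ipt_ta {	/* address followed by timestamp */
			struct in_addr ipt_addr;
			n_time ipt_time;
		} ipt_ta[1] __packed;
	} ipt_timestamp __packed;
} __packed;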
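/* flag bits for ipt_flg */
#define	IPOPT_TS_TSONLY		0		/* timestamps only */
#define	IPOPT_TS_TSANDADDR	1		/* timestamps and addresses */
#define	IPOPT_TS_PRESPEC	3		/* specified modules only */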
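/* bits for security (not byte swapped) */
#define	IPOPT_SECUR_UNCLASS	0x0000
#define	IPOPT_SECUR_CONFID	0xf135
#define	IPOPT_SECUR_EFTO	0x789a
#define	IPOPT_SECUR_MMMM	0xbc4d
#define	IPOPT_SECUR_RESTR	0xaf13
#define	IPOPT_SECUR_SECRET	0xd788
#define	IPOPT_SECUR_TOPSECRET	0x6bc5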
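/*
 * Internet implementation parameters.
 */
#define	MAXTTL		255		/* maximum time to live (seconds) */
#define	IPDEFTTL	64		/* default ttl, from RFC 1340 */
#define	IPFRAGTTL	60		/* time to live for frags, slowhz */
#define	IPTTLDEC	1		/* subtracted when forwarding */

#define	IP_MSS		576		/* default maximum segment size */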
Initial commit of a port of the FreeBSD implementation of RFC 2385
(MD5 signatures for TCP, as used with BGP). Credit for original
FreeBSD code goes to Bruce M. Simpson, with FreeBSD sponsorship
credited to sentex.net. Shortening of the setsockopt() name
attributed to Vincent Jardin.
This commit is a minimal, working version of the FreeBSD code, as
MFC'ed to FreeBSD-4. It has received minimal testing with a ttcp
modified to set the TCP-MD5 option; BMS's additions to tcpdump-current
(tcpdump -M) confirm that the MD5 signatures are correct. Committed
as-is for further testing between a NetBSD BGP speaker (e.g., quagga)
and industry-standard BGP speakers (e.g., Cisco, Juniper).
NOTE: This version has two potential flaws. First, I do not see any code
that verifies received TCP-MD5 signatures. Second, the TCP-MD5
options are internally padded and assumed to be 32-bit aligned. A more
space-efficient scheme is to pack all TCP options densely (and
possibly unaligned) into the TCP header ; then do one final padding to
a 4-byte boundary. Pre-existing comments note that accounting for
TCP-option space when we add SACK is yet to be done. For now, I'm
punting on that; we can solve it properly, in a way that will handle
SACK blocks, as a separate exercise.
In case a pullup to NetBSD-2 is requested, this adds sys/netipsec/xform_tcp.c
,and modifies:
sys/net/pfkeyv2.h,v 1.15
sys/netinet/files.netinet,v 1.5
sys/netinet/ip.h,v 1.25
sys/netinet/tcp.h,v 1.15
sys/netinet/tcp_input.c,v 1.200
sys/netinet/tcp_output.c,v 1.109
sys/netinet/tcp_subr.c,v 1.165
sys/netinet/tcp_usrreq.c,v 1.89
sys/netinet/tcp_var.h,v 1.109
sys/netipsec/files.netipsec,v 1.3
sys/netipsec/ipsec.c,v 1.11
sys/netipsec/ipsec.h,v 1.7
sys/netipsec/key.c,v 1.11
share/man/man4/tcp.4,v 1.16
lib/libipsec/pfkey.c,v 1.20
lib/libipsec/pfkey_dump.c,v 1.17
lib/libipsec/policy_token.l,v 1.8
sbin/setkey/parse.y,v 1.14
sbin/setkey/setkey.8,v 1.27
sbin/setkey/token.l,v 1.15
Note that the preceding two revisions to tcp.4 will be
required to cleanly apply this diff.
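/*
 * This is the real IPv4 pseudo header, used for computing the TCP and UDP
 * checksums.  For the Internet checksum, struct ipovly can be used instead.
 * For stronger checksums, the real thing must be used.
 *
 * ippseudo_pad is part of the data that gets summed or hashed, so it has
 * to be set to zero explicitly before the structure is used.
 */
struct ippseudo {
	struct	  in_addr ippseudo_src;	/* source internet address */
	struct	  in_addr ippseudo_dst;	/* destination internet address */
	u_int8_t  ippseudo_pad;		/* pad, must be zero */
	u_int8_t  ippseudo_p;		/* protocol */
	u_int16_t ippseudo_len;		/* protocol length */
} __packed;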
#endif /* !_NETINET_IP_H_ */