| 1 | /* $NetBSD: ah_var.h,v 1.4 2008/04/23 06:09:05 thorpej Exp $ */ |
| 2 | /* $FreeBSD: src/sys/netipsec/ah_var.h,v 1.1.4.1 2003/01/24 05:11:35 sam Exp $ */ |
| 3 | /* $OpenBSD: ip_ah.h,v 1.29 2002/06/09 16:26:10 itojun Exp $ */ |
| 4 | /* |
| 5 | * The authors of this code are John Ioannidis (ji@tla.org), |
| 6 | * Angelos D. Keromytis (kermit@csd.uch.gr) and |
| 7 | * Niels Provos (provos@physnet.uni-hamburg.de). |
| 8 | * |
| 9 | * The original version of this code was written by John Ioannidis |
| 10 | * for BSD/OS in Athens, Greece, in November 1995. |
| 11 | * |
| 12 | * Ported to OpenBSD and NetBSD, with additional transforms, in December 1996, |
| 13 | * by Angelos D. Keromytis. |
| 14 | * |
| 15 | * Additional transforms and features in 1997 and 1998 by Angelos D. Keromytis |
| 16 | * and Niels Provos. |
| 17 | * |
| 18 | * Additional features in 1999 by Angelos D. Keromytis. |
| 19 | * |
| 20 | * Copyright (C) 1995, 1996, 1997, 1998, 1999 John Ioannidis, |
| 21 | * Angelos D. Keromytis and Niels Provos. |
| 22 | * Copyright (c) 2001 Angelos D. Keromytis. |
| 23 | * |
| 24 | * Permission to use, copy, and modify this software with or without fee |
| 25 | * is hereby granted, provided that this entire notice is included in |
| 26 | * all copies of any software which is or includes a copy or |
| 27 | * modification of this software. |
| 28 | * You may use this code under the GNU public license if you so wish. Please |
| 29 | * contribute changes back to the authors under this freer than GPL license |
| 30 | * so that we may further the use of strong encryption without limitations to |
| 31 | * all. |
| 32 | * |
| 33 | * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR |
| 34 | * IMPLIED WARRANTY. IN PARTICULAR, NONE OF THE AUTHORS MAKES ANY |
| 35 | * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE |
| 36 | * MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR |
| 37 | * PURPOSE. |
| 38 | */ |
| 39 | |
| 40 | #ifndef _NETIPSEC_AH_VAR_H_ |
| 41 | #define _NETIPSEC_AH_VAR_H_ |
| 42 | |
| 43 | /* |
| 44 | * These define the algorithm indices into the histogram. They're |
| 45 | * presently based on the PF_KEY v2 protocol values which is bogus; |
| 46 | * they should be decoupled from the protocol at which time we can |
| 47 | * pack them and reduce the size of the array to a minimum. |
| 48 | */ |
| 49 | #define AH_ALG_MAX 16 |
| 50 | |
| 51 | #define AH_STAT_HDROPS 0 /* packet shorter than header shows */ |
| 52 | #define AH_STAT_NOPF 1 /* protocol family not supported */ |
| 53 | #define AH_STAT_NOTDB 2 |
| 54 | #define AH_STAT_BADKCR 3 |
| 55 | #define AH_STAT_BADAUTH 4 |
| 56 | #define AH_STAT_NOXFORM 5 |
| 57 | #define AH_STAT_QFULL 6 |
| 58 | #define AH_STAT_WRAP 7 |
| 59 | #define AH_STAT_REPLAY 8 |
| 60 | #define AH_STAT_BADAUTHL 9 /* bad authenticator length */ |
| 61 | #define AH_STAT_INPUT 10 /* input AH packets */ |
| 62 | #define AH_STAT_OUTPUT 11 /* output AH packets */ |
| 63 | #define AH_STAT_INVALID 12 /* trying to use an invalid TDB */ |
| 64 | #define AH_STAT_IBYTES 13 /* input bytes */ |
| 65 | #define AH_STAT_OBYTES 14 /* output bytes */ |
| 66 | #define AH_STAT_TOOBIG 15 /* packet got > than IP_MAXPACKET */ |
| 67 | #define AH_STAT_PDROPS 16 /* packet blocked due to policy */ |
| 68 | #define AH_STAT_CRYPTO 17 /* crypto processing failure */ |
| 69 | #define AH_STAT_TUNNEL 18 /* tunnel sanity check failure */ |
| 70 | #define AH_STAT_HIST 19 /* per-algorithm op count */ |
| 71 | /* space for AH_ALG_MAX (16) counters */ |
| 72 | |
| 73 | #define AH_NSTATS 35 |
| 74 | |
| 75 | #ifdef _KERNEL |
| 76 | extern int ah_enable; |
| 77 | extern int ah_cleartos; |
| 78 | #endif /* _KERNEL */ |
| 79 | #endif /* !_NETIPSEC_AH_VAR_H_ */ |
| 80 | |