1/* 2 * Copyright (c) 2012-2014 Apple Inc. All rights reserved. 3 * 4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@ 5 * 6 * This file contains Original Code and/or Modifications of Original Code 7 * as defined in and that are subject to the Apple Public Source License 8 * Version 2.0 (the 'License'). You may not use this file except in 9 * compliance with the License. The rights granted to you under the License 10 * may not be used to create, or enable the creation or redistribution of, 11 * unlawful or unlicensed copies of an Apple operating system, or to 12 * circumvent, violate, or enable the circumvention or violation of, any 13 * terms of an Apple operating system software license agreement. 14 * 15 * Please obtain a copy of the License at 16 * http://www.opensource.apple.com/apsl/ and read it before using this file. 17 * 18 * The Original Code and all software distributed under the License are 19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER 20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, 21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, 22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. 23 * Please see the License for the specific language governing rights and 24 * limitations under the License. 25 * 26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@ 27 */ 28 29 30#ifndef _NET_IF_IPSEC_H_ 31#define _NET_IF_IPSEC_H_ 32 33#ifdef BSD_KERNEL_PRIVATE 34 35#include <sys/kern_control.h> 36#include <netinet/ip_var.h> 37 38/* Control block allocated for each kernel control connection */ 39struct ipsec_pcb { 40 kern_ctl_ref ipsec_ctlref; 41 ifnet_t ipsec_ifp; 42 u_int32_t ipsec_unit; 43 u_int32_t ipsec_flags; 44 int ipsec_ext_ifdata_stats; 45 mbuf_svc_class_t ipsec_output_service_class; 46}; 47 48errno_t ipsec_register_control(void); 49 50/* Helpers */ 51int ipsec_interface_isvalid (ifnet_t interface); 52 53errno_t ipsec_inject_inbound_packet(ifnet_t interface, mbuf_t packet); 54 55void ipsec_set_pkthdr_for_interface(ifnet_t interface, mbuf_t packet, int family); 56 57#endif 58 59/* 60 * Name registered by the ipsec kernel control 61 */ 62#define IPSEC_CONTROL_NAME "com.apple.net.ipsec_control" 63 64/* 65 * Socket option names to manage ipsec 66 */ 67#define IPSEC_OPT_FLAGS 1 68#define IPSEC_OPT_IFNAME 2 69#define IPSEC_OPT_EXT_IFDATA_STATS 3 /* get|set (type int) */ 70#define IPSEC_OPT_INC_IFDATA_STATS_IN 4 /* set to increment stat counters (type struct ipsec_stats_param) */ 71#define IPSEC_OPT_INC_IFDATA_STATS_OUT 5 /* set to increment stat counters (type struct ipsec_stats_param) */ 72#define IPSEC_OPT_SET_DELEGATE_INTERFACE 6 /* set the delegate interface (char[]) */ 73#define IPSEC_OPT_OUTPUT_TRAFFIC_CLASS 7 /* set the traffic class for packets leaving the interface, see sys/socket.h */ 74/* 75 * ipsec stats parameter structure 76 */ 77struct ipsec_stats_param { 78 u_int64_t utsp_packets; 79 u_int64_t utsp_bytes; 80 u_int64_t utsp_errors; 81}; 82 83#endif 84