xnu-4570.71.2.tar.gz

[apple/xnu.git] / bsd / net / if_ipsec.h

diff --git a/bsd/net/if_ipsec.h b/bsd/net/if_ipsec.h
index 670e01f239744efca6060c3015bf16b93407d3d2..ca18916cfa08894be1247e938462a342d376a7f4 100644 (file)
--- a/bsd/net/if_ipsec.h
+++ b/bsd/net/if_ipsec.h
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012 Apple Inc. All rights reserved.
+ * Copyright (c) 2012-2014 Apple Inc. All rights reserved.
  *
  * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
  *
@@ -35,19 +35,21 @@
 #include <sys/kern_control.h>
 #include <netinet/ip_var.h>
 
-/* Control block allocated for each kernel control connection */
-struct ipsec_pcb {
-       kern_ctl_ref    ipsec_ctlref;
-       ifnet_t                 ipsec_ifp;
-       u_int32_t               ipsec_unit;
-       u_int32_t               ipsec_flags;
-       int                             ipsec_ext_ifdata_stats;
-};
 
 errno_t ipsec_register_control(void);
 
 /* Helpers */
 int ipsec_interface_isvalid (ifnet_t interface);
+boolean_t ipsec_interface_needs_netagent(ifnet_t interface);
+
+errno_t ipsec_inject_inbound_packet(ifnet_t    interface, mbuf_t packet);
+
+void ipsec_set_pkthdr_for_interface(ifnet_t interface, mbuf_t packet, int family);
+
+void ipsec_set_ipoa_for_interface(ifnet_t interface, struct ip_out_args *ipoa);
+
+struct ip6_out_args;
+void ipsec_set_ip6oa_for_interface(ifnet_t interface, struct ip6_out_args *ip6oa);
 
 #endif
 
@@ -65,6 +67,18 @@ int ipsec_interface_isvalid (ifnet_t interface);
 #define IPSEC_OPT_INC_IFDATA_STATS_IN                  4       /* set to increment stat counters (type struct ipsec_stats_param) */
 #define IPSEC_OPT_INC_IFDATA_STATS_OUT                 5       /* set to increment stat counters (type struct ipsec_stats_param) */
 #define IPSEC_OPT_SET_DELEGATE_INTERFACE               6       /* set the delegate interface (char[]) */
+#define IPSEC_OPT_OUTPUT_TRAFFIC_CLASS                 7       /* set the traffic class for packets leaving the interface, see sys/socket.h */
+#define IPSEC_OPT_ENABLE_CHANNEL                               8       /* enable a kernel pipe nexus that allows the owner to open a channel to act as a driver */
+#define IPSEC_OPT_GET_CHANNEL_UUID                             9       /* get the uuid of the kernel pipe nexus instance */
+#define IPSEC_OPT_ENABLE_FLOWSWITCH                            10      /* enable a flowswitch nexus that clients can use */
+#define IPSEC_OPT_INPUT_FRAG_SIZE                              11      /* set the maximum size of input packets before fragmenting as a uint32_t */
+
+#define IPSEC_OPT_ENABLE_NETIF                                 12              /* Must be set before connecting */
+#define IPSEC_OPT_SLOT_SIZE                                            13              /* Must be set before connecting */
+#define IPSEC_OPT_NETIF_RING_SIZE                              14              /* Must be set before connecting */
+#define IPSEC_OPT_TX_FSW_RING_SIZE                             15              /* Must be set before connecting */
+#define IPSEC_OPT_RX_FSW_RING_SIZE                             16              /* Must be set before connecting */
+
 /*
  * ipsec stats parameter structure
  */