Home | History | Annotate | Download | only in racoon
      1 /*	$NetBSD: nattraversal.h,v 1.7 2010/09/22 07:34:51 vanhu Exp $	*/
      2 
      3 /*
      4  * Copyright (C) 2004 SuSE Linux AG, Nuernberg, Germany.
      5  * Contributed by: Michal Ludvig <mludvig (at) suse.cz>, SUSE Labs
      6  * All rights reserved.
      7  *
      8  * Redistribution and use in source and binary forms, with or without
      9  * modification, are permitted provided that the following conditions
     10  * are met:
     11  * 1. Redistributions of source code must retain the above copyright
     12  *    notice, this list of conditions and the following disclaimer.
     13  * 2. Redistributions in binary form must reproduce the above copyright
     14  *    notice, this list of conditions and the following disclaimer in the
     15  *    documentation and/or other materials provided with the distribution.
     16  * 3. Neither the name of the project nor the names of its contributors
     17  *    may be used to endorse or promote products derived from this software
     18  *    without specific prior written permission.
     19  *
     20  * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
     21  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
     22  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
     23  * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
     24  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
     25  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
     26  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
     27  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
     28  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
     29  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
     30  * SUCH DAMAGE.
     31  */
     32 
     33 #ifndef _NATTRAVERSAL_H
     34 #define _NATTRAVERSAL_H
     35 
     36 #include "vendorid.h"
     37 
     38 #define	NAT_ANNOUNCED		(1L<<0)
     39 #define	NAT_DETECTED_ME		(1L<<1)
     40 #define	NAT_DETECTED_PEER	(1L<<2)
     41 #define	NAT_PORTS_CHANGED	(1L<<3)
     42 #define	NAT_KA_QUEUED		(1L<<4)
     43 #define	NAT_ADD_NON_ESP_MARKER	(1L<<5)
     44 
     45 #define	NATT_AVAILABLE(_ph1)	((_ph1)->natt_flags & NAT_ANNOUNCED)
     46 
     47 #define	NAT_DETECTED	(NAT_DETECTED_ME | NAT_DETECTED_PEER)
     48 
     49 #define	NON_ESP_MARKER_LEN	sizeof(u_int32_t)
     50 #define	NON_ESP_MARKER_USE(_ph1)	((_ph1)->natt_flags & NAT_ADD_NON_ESP_MARKER)
     51 
     52 /* These are the values from parsing "remote {}"
     53    block of the config file. */
     54 #define NATT_OFF	FLASE	/* = 0 */
     55 #define NATT_ON		TRUE	/* = 1 */
     56 #define NATT_FORCE	2
     57 
     58 struct ph1natt_options {
     59   int		version;
     60   u_int16_t	float_port;
     61   u_int16_t	mode_udp_tunnel;
     62   u_int16_t	mode_udp_transport;
     63   u_int16_t	encaps_type; /* ESPINUDP / ESPINUDP_NON_IKE */
     64   u_int16_t	mode_udp_diff;
     65   u_int16_t	payload_nat_d;
     66   u_int16_t	payload_nat_oa;
     67 };
     68 
     69 struct ph2natt {
     70   u_int8_t	type;
     71   u_int16_t	sport;
     72   u_int16_t	dport;
     73   struct sockaddr	*oa;
     74   u_int16_t	frag;
     75 };
     76 
     77 int natt_vendorid (int vid);
     78 vchar_t *natt_hash_addr (struct ph1handle *iph1, struct sockaddr *addr);
     79 int natt_compare_addr_hash (struct ph1handle *iph1, vchar_t *natd_received, int natd_seq);
     80 int natt_udp_encap (int encmode);
     81 int natt_fill_options (struct ph1natt_options *opts, int version);
     82 void natt_float_ports (struct ph1handle *iph1);
     83 void natt_handle_vendorid (struct ph1handle *iph1, int vid_numeric);
     84 
     85 
     86 struct payload_list *
     87 isakmp_plist_append_natt_vids (struct payload_list *plist, vchar_t *vid_natt[MAX_NATT_VID_COUNT]);
     88 
     89 
     90 /* NAT keepalive functions */
     91 void natt_keepalive_init (void);
     92 int natt_keepalive_add (struct sockaddr *src, struct sockaddr *dst);
     93 int natt_keepalive_add_ph1 (struct ph1handle *iph1);
     94 void natt_keepalive_remove (struct sockaddr *src, struct sockaddr *dst);
     95 
     96 /* Walk through all rmconfigs and tell if NAT-T is enabled in at least one. */
     97 int natt_enabled_in_rmconf (void);
     98 
     99 #endif /* _NATTRAVERSAL_H */
    100