ipsec.c - OpenGrok cross reference for /freebsd/sys/netipsec/ipsec.c

Deleted Added

sdiffudifftextold (b754c279..)new (39bbca6f..)

ipsec.c (b754c27916c5d1b0fe2f57d6d4ba94c7de1b541b)	ipsec.c (39bbca6ffd794bb72156fb8053ad0ea03ac98e19)
1/* $FreeBSD$ / 2/ $KAME: ipsec.c,v 1.103 2001/05/24 07:14:18 sakane Exp $ / 3 4/- 5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without --- 135 unchanged lines hidden (view full) --- 144/* 145 * Crypto support requirements: 146 * 147 * 1 require hardware support 148 * -1 require software support 149 * 0 take anything 150 */ 151VNET_DEFINE(int, crypto_support) = CRYPTOCAP_F_HARDWARE \| CRYPTOCAP_F_SOFTWARE;	1/* $FreeBSD$ / 2/ $KAME: ipsec.c,v 1.103 2001/05/24 07:14:18 sakane Exp $ / 3 4/- 5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without --- 135 unchanged lines hidden (view full) --- 144/* 145 * Crypto support requirements: 146 * 147 * 1 require hardware support 148 * -1 require software support 149 * 0 take anything 150 */ 151VNET_DEFINE(int, crypto_support) = CRYPTOCAP_F_HARDWARE \| CRYPTOCAP_F_SOFTWARE;
	152
152/*	153/*
	154 * Use asynchronous mode to parallelize crypto jobs: 155 * 156 * 0 - disabled 157 * 1 - enabled 158 / 159VNET_DEFINE(int, async_crypto) = 0; 160 161/
153 * TCP/UDP checksum handling policy for transport mode NAT-T (RFC3948) 154 * 155 * 0 - auto: incrementally recompute, when checksum delta is known; 156 * if checksum delta isn't known, reset checksum to zero for UDP, 157 * and mark csum_flags as valid for TCP. 158 * 1 - fully recompute TCP/UDP checksum. 159 / 160VNET_DEFINE(int, natt_cksum_policy) = 0; --- 29 unchanged lines hidden* (view full) --- 190 CTLFLAG_VNET \| CTLFLAG_RW, &VNET_NAME(ip4_ipsec_dfbit), 0, 191 "Do not fragment bit on encap."); 192SYSCTL_INT(_net_inet_ipsec, IPSECCTL_ECN, ecn, 193 CTLFLAG_VNET \| CTLFLAG_RW, &VNET_NAME(ip4_ipsec_ecn), 0, 194 "Explicit Congestion Notification handling."); 195SYSCTL_INT(_net_inet_ipsec, OID_AUTO, crypto_support, 196 CTLFLAG_VNET \| CTLFLAG_RW, &VNET_NAME(crypto_support), 0, 197 "Crypto driver selection.");	162 * TCP/UDP checksum handling policy for transport mode NAT-T (RFC3948) 163 * 164 * 0 - auto: incrementally recompute, when checksum delta is known; 165 * if checksum delta isn't known, reset checksum to zero for UDP, 166 * and mark csum_flags as valid for TCP. 167 * 1 - fully recompute TCP/UDP checksum. 168 / 169VNET_DEFINE(int, natt_cksum_policy) = 0; --- 29 unchanged lines hidden* (view full) --- 199 CTLFLAG_VNET \| CTLFLAG_RW, &VNET_NAME(ip4_ipsec_dfbit), 0, 200 "Do not fragment bit on encap."); 201SYSCTL_INT(_net_inet_ipsec, IPSECCTL_ECN, ecn, 202 CTLFLAG_VNET \| CTLFLAG_RW, &VNET_NAME(ip4_ipsec_ecn), 0, 203 "Explicit Congestion Notification handling."); 204SYSCTL_INT(_net_inet_ipsec, OID_AUTO, crypto_support, 205 CTLFLAG_VNET \| CTLFLAG_RW, &VNET_NAME(crypto_support), 0, 206 "Crypto driver selection.");
	207SYSCTL_INT(_net_inet_ipsec, OID_AUTO, async_crypto, 208 CTLFLAG_VNET \| CTLFLAG_RW, &VNET_NAME(async_crypto), 0, 209 "Use asynchronous mode to parallelize crypto jobs.");
198SYSCTL_INT(_net_inet_ipsec, OID_AUTO, check_policy_history, 199 CTLFLAG_VNET \| CTLFLAG_RW, &VNET_NAME(check_policy_history), 0, 200 "Use strict check of inbound packets to security policy compliance."); 201SYSCTL_INT(_net_inet_ipsec, OID_AUTO, natt_cksum_policy, 202 CTLFLAG_VNET \| CTLFLAG_RW, &VNET_NAME(natt_cksum_policy), 0, 203 "Method to fix TCP/UDP checksum for transport mode IPsec after NAT."); 204SYSCTL_INT(_net_inet_ipsec, OID_AUTO, filtertunnel, 205 CTLFLAG_VNET \| CTLFLAG_RW, &VNET_NAME(ip4_filtertunnel), 0, --- 1190 unchanged lines hidden ---	210SYSCTL_INT(_net_inet_ipsec, OID_AUTO, check_policy_history, 211 CTLFLAG_VNET \| CTLFLAG_RW, &VNET_NAME(check_policy_history), 0, 212 "Use strict check of inbound packets to security policy compliance."); 213SYSCTL_INT(_net_inet_ipsec, OID_AUTO, natt_cksum_policy, 214 CTLFLAG_VNET \| CTLFLAG_RW, &VNET_NAME(natt_cksum_policy), 0, 215 "Method to fix TCP/UDP checksum for transport mode IPsec after NAT."); 216SYSCTL_INT(_net_inet_ipsec, OID_AUTO, filtertunnel, 217 CTLFLAG_VNET \| CTLFLAG_RW, &VNET_NAME(ip4_filtertunnel), 0, --- 1190 unchanged lines hidden ---

ipsec.c (b754c27916c5d1b0fe2f57d6d4ba94c7de1b541b)	ipsec.c (39bbca6ffd794bb72156fb8053ad0ea03ac98e19)
1/* $FreeBSD$ / 2/ $KAME: ipsec.c,v 1.103 2001/05/24 07:14:18 sakane Exp $ / 3 4/- 5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without --- 135 unchanged lines hidden (view full) --- 144/* 145 * Crypto support requirements: 146 * 147 * 1 require hardware support 148 * -1 require software support 149 * 0 take anything 150 */ 151VNET_DEFINE(int, crypto_support) = CRYPTOCAP_F_HARDWARE \| CRYPTOCAP_F_SOFTWARE;	1/* $FreeBSD$ / 2/ $KAME: ipsec.c,v 1.103 2001/05/24 07:14:18 sakane Exp $ / 3 4/- 5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without --- 135 unchanged lines hidden (view full) --- 144/* 145 * Crypto support requirements: 146 * 147 * 1 require hardware support 148 * -1 require software support 149 * 0 take anything 150 */ 151VNET_DEFINE(int, crypto_support) = CRYPTOCAP_F_HARDWARE \| CRYPTOCAP_F_SOFTWARE;
	152
152/*	153/*
	154 * Use asynchronous mode to parallelize crypto jobs: 155 * 156 * 0 - disabled 157 * 1 - enabled 158 / 159VNET_DEFINE(int, async_crypto) = 0; 160 161/
153 * TCP/UDP checksum handling policy for transport mode NAT-T (RFC3948) 154 * 155 * 0 - auto: incrementally recompute, when checksum delta is known; 156 * if checksum delta isn't known, reset checksum to zero for UDP, 157 * and mark csum_flags as valid for TCP. 158 * 1 - fully recompute TCP/UDP checksum. 159 / 160VNET_DEFINE(int, natt_cksum_policy) = 0; --- 29 unchanged lines hidden* (view full) --- 190 CTLFLAG_VNET \| CTLFLAG_RW, &VNET_NAME(ip4_ipsec_dfbit), 0, 191 "Do not fragment bit on encap."); 192SYSCTL_INT(_net_inet_ipsec, IPSECCTL_ECN, ecn, 193 CTLFLAG_VNET \| CTLFLAG_RW, &VNET_NAME(ip4_ipsec_ecn), 0, 194 "Explicit Congestion Notification handling."); 195SYSCTL_INT(_net_inet_ipsec, OID_AUTO, crypto_support, 196 CTLFLAG_VNET \| CTLFLAG_RW, &VNET_NAME(crypto_support), 0, 197 "Crypto driver selection.");	162 * TCP/UDP checksum handling policy for transport mode NAT-T (RFC3948) 163 * 164 * 0 - auto: incrementally recompute, when checksum delta is known; 165 * if checksum delta isn't known, reset checksum to zero for UDP, 166 * and mark csum_flags as valid for TCP. 167 * 1 - fully recompute TCP/UDP checksum. 168 / 169VNET_DEFINE(int, natt_cksum_policy) = 0; --- 29 unchanged lines hidden* (view full) --- 199 CTLFLAG_VNET \| CTLFLAG_RW, &VNET_NAME(ip4_ipsec_dfbit), 0, 200 "Do not fragment bit on encap."); 201SYSCTL_INT(_net_inet_ipsec, IPSECCTL_ECN, ecn, 202 CTLFLAG_VNET \| CTLFLAG_RW, &VNET_NAME(ip4_ipsec_ecn), 0, 203 "Explicit Congestion Notification handling."); 204SYSCTL_INT(_net_inet_ipsec, OID_AUTO, crypto_support, 205 CTLFLAG_VNET \| CTLFLAG_RW, &VNET_NAME(crypto_support), 0, 206 "Crypto driver selection.");
	207SYSCTL_INT(_net_inet_ipsec, OID_AUTO, async_crypto, 208 CTLFLAG_VNET \| CTLFLAG_RW, &VNET_NAME(async_crypto), 0, 209 "Use asynchronous mode to parallelize crypto jobs.");
198SYSCTL_INT(_net_inet_ipsec, OID_AUTO, check_policy_history, 199 CTLFLAG_VNET \| CTLFLAG_RW, &VNET_NAME(check_policy_history), 0, 200 "Use strict check of inbound packets to security policy compliance."); 201SYSCTL_INT(_net_inet_ipsec, OID_AUTO, natt_cksum_policy, 202 CTLFLAG_VNET \| CTLFLAG_RW, &VNET_NAME(natt_cksum_policy), 0, 203 "Method to fix TCP/UDP checksum for transport mode IPsec after NAT."); 204SYSCTL_INT(_net_inet_ipsec, OID_AUTO, filtertunnel, 205 CTLFLAG_VNET \| CTLFLAG_RW, &VNET_NAME(ip4_filtertunnel), 0, --- 1190 unchanged lines hidden ---	210SYSCTL_INT(_net_inet_ipsec, OID_AUTO, check_policy_history, 211 CTLFLAG_VNET \| CTLFLAG_RW, &VNET_NAME(check_policy_history), 0, 212 "Use strict check of inbound packets to security policy compliance."); 213SYSCTL_INT(_net_inet_ipsec, OID_AUTO, natt_cksum_policy, 214 CTLFLAG_VNET \| CTLFLAG_RW, &VNET_NAME(natt_cksum_policy), 0, 215 "Method to fix TCP/UDP checksum for transport mode IPsec after NAT."); 216SYSCTL_INT(_net_inet_ipsec, OID_AUTO, filtertunnel, 217 CTLFLAG_VNET \| CTLFLAG_RW, &VNET_NAME(ip4_filtertunnel), 0, --- 1190 unchanged lines hidden ---