ipsec.c - OpenGrok cross reference for /freebsd/sys/netipsec/ipsec.c

Deleted Added

sdiffudifftextold (dfa9422b..)new (6131838b..)

ipsec.c (dfa9422b4a41712ab6f90f88d82bc90942e1243d)	ipsec.c (6131838b7ca5801814569a4fa0f611d146873661)
1/* $FreeBSD$ / 2/ $KAME: ipsec.c,v 1.103 2001/05/24 07:14:18 sakane Exp $ / 3 4/- 5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without --- 134 unchanged lines hidden (view full) --- 143 debug, CTLFLAG_RW, &ipsec_debug, 0, ""); 144SYSCTL_INT(_net_inet_ipsec, IPSECCTL_ESP_RANDPAD, 145 esp_randpad, CTLFLAG_RW, &ip4_esp_randpad, 0, ""); 146SYSCTL_INT(_net_inet_ipsec, OID_AUTO, 147 crypto_support, CTLFLAG_RW, &crypto_support,0, ""); 148SYSCTL_STRUCT(_net_inet_ipsec, OID_AUTO, 149 ipsecstats, CTLFLAG_RD, &newipsecstat, newipsecstat, ""); 150	1/* $FreeBSD$ / 2/ $KAME: ipsec.c,v 1.103 2001/05/24 07:14:18 sakane Exp $ / 3 4/- 5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without --- 134 unchanged lines hidden (view full) --- 143 debug, CTLFLAG_RW, &ipsec_debug, 0, ""); 144SYSCTL_INT(_net_inet_ipsec, IPSECCTL_ESP_RANDPAD, 145 esp_randpad, CTLFLAG_RW, &ip4_esp_randpad, 0, ""); 146SYSCTL_INT(_net_inet_ipsec, OID_AUTO, 147 crypto_support, CTLFLAG_RW, &crypto_support,0, ""); 148SYSCTL_STRUCT(_net_inet_ipsec, OID_AUTO, 149 ipsecstats, CTLFLAG_RD, &newipsecstat, newipsecstat, ""); 150
	151#ifdef REGRESSION
151/* 152 * When set to 1, IPsec will send packets with the same sequence number. 153 * This allows to verify if the other side has proper replay attacks detection. 154 / 155int ipsec_replay = 0; 156SYSCTL_INT(_net_inet_ipsec, OID_AUTO, test_replay, CTLFLAG_RW, &ipsec_replay, 0, 157 "Emulate replay attack"); 158/ 159 * When set 1, IPsec will send packets with corrupted HMAC. 160 * This allows to verify if the other side properly detects modified packets. 161 */ 162int ipsec_integrity = 0; 163SYSCTL_INT(_net_inet_ipsec, OID_AUTO, test_integrity, CTLFLAG_RW, 164 &ipsec_integrity, 0, "Emulate man-in-the-middle attack");	152/* 153 * When set to 1, IPsec will send packets with the same sequence number. 154 * This allows to verify if the other side has proper replay attacks detection. 155 / 156int ipsec_replay = 0; 157SYSCTL_INT(_net_inet_ipsec, OID_AUTO, test_replay, CTLFLAG_RW, &ipsec_replay, 0, 158 "Emulate replay attack"); 159/ 160 * When set 1, IPsec will send packets with corrupted HMAC. 161 * This allows to verify if the other side properly detects modified packets. 162 */ 163int ipsec_integrity = 0; 164SYSCTL_INT(_net_inet_ipsec, OID_AUTO, test_integrity, CTLFLAG_RW, 165 &ipsec_integrity, 0, "Emulate man-in-the-middle attack");
	166#endif
165 166#ifdef INET6 167int ip6_esp_trans_deflev = IPSEC_LEVEL_USE; 168int ip6_esp_net_deflev = IPSEC_LEVEL_USE; 169int ip6_ah_trans_deflev = IPSEC_LEVEL_USE; 170int ip6_ah_net_deflev = IPSEC_LEVEL_USE; 171int ip6_ipsec_ecn = 0; /* ECN ignore(-1)/forbidden(0)/allowed(1) / 172int ip6_esp_randpad = -1; --- 1774 unchanged lines hidden* ---	167 168#ifdef INET6 169int ip6_esp_trans_deflev = IPSEC_LEVEL_USE; 170int ip6_esp_net_deflev = IPSEC_LEVEL_USE; 171int ip6_ah_trans_deflev = IPSEC_LEVEL_USE; 172int ip6_ah_net_deflev = IPSEC_LEVEL_USE; 173int ip6_ipsec_ecn = 0; /* ECN ignore(-1)/forbidden(0)/allowed(1) / 174int ip6_esp_randpad = -1; --- 1774 unchanged lines hidden* ---