Changeset View
Changeset View
Standalone View
Standalone View
sys/netipsec/ipsec.c
Show First 20 Lines • Show All 106 Lines • ▼ Show 20 Lines | |||||
VNET_PCPUSTAT_SYSINIT(ipsec4stat); | VNET_PCPUSTAT_SYSINIT(ipsec4stat); | ||||
#ifdef VIMAGE | #ifdef VIMAGE | ||||
VNET_PCPUSTAT_SYSUNINIT(ipsec4stat); | VNET_PCPUSTAT_SYSUNINIT(ipsec4stat); | ||||
#endif /* VIMAGE */ | #endif /* VIMAGE */ | ||||
/* DF bit on encap. 0: clear 1: set 2: copy */ | /* DF bit on encap. 0: clear 1: set 2: copy */ | ||||
VNET_DEFINE(int, ip4_ipsec_dfbit) = 0; | VNET_DEFINE(int, ip4_ipsec_dfbit) = 0; | ||||
VNET_DEFINE(int, ip4_ipsec_min_pmtu) = 576; | |||||
VNET_DEFINE(int, ip4_esp_trans_deflev) = IPSEC_LEVEL_USE; | VNET_DEFINE(int, ip4_esp_trans_deflev) = IPSEC_LEVEL_USE; | ||||
VNET_DEFINE(int, ip4_esp_net_deflev) = IPSEC_LEVEL_USE; | VNET_DEFINE(int, ip4_esp_net_deflev) = IPSEC_LEVEL_USE; | ||||
VNET_DEFINE(int, ip4_ah_trans_deflev) = IPSEC_LEVEL_USE; | VNET_DEFINE(int, ip4_ah_trans_deflev) = IPSEC_LEVEL_USE; | ||||
VNET_DEFINE(int, ip4_ah_net_deflev) = IPSEC_LEVEL_USE; | VNET_DEFINE(int, ip4_ah_net_deflev) = IPSEC_LEVEL_USE; | ||||
/* ECN ignore(-1)/forbidden(0)/allowed(1) */ | /* ECN ignore(-1)/forbidden(0)/allowed(1) */ | ||||
VNET_DEFINE(int, ip4_ipsec_ecn) = 0; | VNET_DEFINE(int, ip4_ipsec_ecn) = 0; | ||||
VNET_DEFINE_STATIC(int, ip4_filtertunnel) = 0; | VNET_DEFINE_STATIC(int, ip4_filtertunnel) = 0; | ||||
▲ Show 20 Lines • Show All 68 Lines • ▼ Show 20 Lines | SYSCTL_INT(_net_inet_ipsec, IPSECCTL_DEF_AH_NETLEV, ah_net_deflev, | ||||
CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip4_ah_net_deflev), 0, | CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip4_ah_net_deflev), 0, | ||||
"AH tunnel mode default level."); | "AH tunnel mode default level."); | ||||
SYSCTL_INT(_net_inet_ipsec, IPSECCTL_AH_CLEARTOS, ah_cleartos, | SYSCTL_INT(_net_inet_ipsec, IPSECCTL_AH_CLEARTOS, ah_cleartos, | ||||
CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ah_cleartos), 0, | CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ah_cleartos), 0, | ||||
"If set, clear type-of-service field when doing AH computation."); | "If set, clear type-of-service field when doing AH computation."); | ||||
SYSCTL_INT(_net_inet_ipsec, IPSECCTL_DFBIT, dfbit, | SYSCTL_INT(_net_inet_ipsec, IPSECCTL_DFBIT, dfbit, | ||||
CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip4_ipsec_dfbit), 0, | CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip4_ipsec_dfbit), 0, | ||||
"Do not fragment bit on encap."); | "Do not fragment bit on encap."); | ||||
SYSCTL_INT(_net_inet_ipsec, IPSECCTL_MIN_PMTU, min_pmtu, | |||||
CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip4_ipsec_min_pmtu), 0, | |||||
"Lowest acceptable PMTU value."); | |||||
SYSCTL_INT(_net_inet_ipsec, IPSECCTL_ECN, ecn, | SYSCTL_INT(_net_inet_ipsec, IPSECCTL_ECN, ecn, | ||||
CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip4_ipsec_ecn), 0, | CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip4_ipsec_ecn), 0, | ||||
"Explicit Congestion Notification handling."); | "Explicit Congestion Notification handling."); | ||||
SYSCTL_INT(_net_inet_ipsec, OID_AUTO, crypto_support, | SYSCTL_INT(_net_inet_ipsec, OID_AUTO, crypto_support, | ||||
CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(crypto_support), 0, | CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(crypto_support), 0, | ||||
"Crypto driver selection."); | "Crypto driver selection."); | ||||
SYSCTL_INT(_net_inet_ipsec, OID_AUTO, async_crypto, | SYSCTL_INT(_net_inet_ipsec, OID_AUTO, async_crypto, | ||||
CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(async_crypto), 0, | CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(async_crypto), 0, | ||||
▲ Show 20 Lines • Show All 1,324 Lines • Show Last 20 Lines |