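/*	$NetBSD: nattraversal.h,v 1.8 2018/05/19 18:51:59 maxv Exp $	*/

/*
 * Copyright (C) 2004 SuSE Linux AG, Nuernberg, Germany.
 * Contributed by: Michal Ludvig <mludvig@suse.cz>, SUSE Labs
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. Neither the name of the project nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

/*
 * NAT traversal (NAT-T) declarations: per-phase-1 state flags, the
 * configuration values for NAT-T, the option/state structures and the
 * prototypes of the NAT-T helpers.
 *
 * This header is not self-contained: it uses vchar_t, struct ph1handle,
 * struct payload_list, struct sockaddr, the u_intN_t types and TRUE without
 * declaring them, so the including file must pull those in first.
 */

#ifndef _NATTRAVERSAL_H
#define _NATTRAVERSAL_H

#include "vendorid.h"

/*
 * Bits kept in the natt_flags member of a phase 1 handle (see the
 * NATT_AVAILABLE and NON_ESP_MARKER_USE accessors below).
 * NOTE(review): the per-bit meanings are implied by the names only; the
 * code that sets and clears them is not in this header.
 */
#define	NAT_ANNOUNCED		(1L<<0)
#define	NAT_DETECTED_ME		(1L<<1)
#define	NAT_DETECTED_PEER	(1L<<2)
#define	NAT_PORTS_CHANGED	(1L<<3)
#define	NAT_KA_QUEUED		(1L<<4)
#define	NAT_ADD_NON_ESP_MARKER	(1L<<5)

/* Non-zero when NAT_ANNOUNCED is set on the given phase 1 handle. */
#define	NATT_AVAILABLE(_ph1)	((_ph1)->natt_flags & NAT_ANNOUNCED)

/* Mask covering a NAT detected on either side (local or peer). */
#define	NAT_DETECTED		(NAT_DETECTED_ME | NAT_DETECTED_PEER)

/*
 * Size of the marker as a 32-bit quantity (RFC 3948 defines the Non-ESP
 * Marker as four zero octets).  The expansion is parenthesized so it stays
 * a single operand wherever the macro is used.
 */
#define	NON_ESP_MARKER_LEN		(sizeof(u_int32_t))
/* Non-zero when NAT_ADD_NON_ESP_MARKER is set on the given phase 1 handle. */
#define	NON_ESP_MARKER_USE(_ph1)	((_ph1)->natt_flags & NAT_ADD_NON_ESP_MARKER)

/*
 * These are the values from parsing "remote {}" block of the config file.
 *
 * NATT_OFF was spelled FLASE, an identifier nothing here defines, so any
 * use of NATT_OFF failed to compile; it now expands to FALSE as the
 * "= 0" note intends.
 * NOTE(review): NATT_FORCE presumably enables NAT-T even when no NAT is
 * detected - confirm against the config parser before relying on it in a
 * policy review.
 */
#define	NATT_OFF	FALSE	/* = 0 */
#define	NATT_ON		TRUE	/* = 1 */
#define	NATT_FORCE	2

/*
 * NAT-T parameters attached to a phase 1 negotiation.
 * NOTE(review): presumably filled in by natt_fill_options() according to
 * `version` - confirm in nattraversal.c.
 */
struct ph1natt_options {
	int version;
	u_int16_t float_port;
	u_int16_t mode_udp_tunnel;
	u_int16_t mode_udp_transport;
	u_int16_t encaps_type;		/* ESPINUDP / ESPINUDP_NON_IKE */
	u_int16_t mode_udp_diff;
	u_int16_t payload_nat_d;
	u_int16_t payload_nat_oa;
};

/*
 * NAT-T state attached to a phase 2 negotiation.
 * `oa` is a pointer; who allocates and frees the address it refers to is
 * not visible in this header.
 */
struct ph2natt {
	u_int8_t type;
	u_int16_t sport;
	u_int16_t dport;
	struct sockaddr *oa;
	u_int16_t frag;
};

/*
 * NOTE(review): return-value conventions of the functions below are not
 * documented here.  In particular, check the implementation of
 * natt_compare_addr_hash() before treating any result as "hash matched",
 * and check who owns the vchar_t returned by natt_hash_addr().
 */
int natt_vendorid(int vid);
vchar_t *natt_hash_addr(struct ph1handle *iph1, struct sockaddr *addr);
int natt_compare_addr_hash(struct ph1handle *iph1, vchar_t *natd_received,
    int natd_seq);
int natt_udp_encap(int encmode);
int natt_fill_options(struct ph1natt_options *opts, int version);
void natt_float_ports(struct ph1handle *iph1);
void natt_handle_vendorid(struct ph1handle *iph1, int vid_numeric);

/*
 * The array bound on vid_natt is documentation only: the parameter decays
 * to a pointer, so the compiler does not check that callers pass
 * MAX_NATT_VID_COUNT elements.
 */
struct payload_list *
isakmp_plist_append_natt_vids(struct payload_list *plist,
    vchar_t *vid_natt[MAX_NATT_VID_COUNT]);

/* NAT keepalive functions */
void natt_keepalive_init(void);
int natt_keepalive_add(struct sockaddr *src, struct sockaddr *dst);
int natt_keepalive_add_ph1(struct ph1handle *iph1);
void natt_keepalive_remove(struct sockaddr *src, struct sockaddr *dst);

/* Walk through all rmconfigs and tell if NAT-T is enabled in at least one. */
int natt_enabled_in_rmconf(void);

#endif /* _NATTRAVERSAL_H */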