// SoftEther VPN Source Code - Developer Edition Master Branch
// Cedar Communication Module


// Proto_IPsec.h
// Header of Proto_IPsec.c
//
// Declares the constants, settings structures and entry points of the IPsec
// server front end (L2TP, IKE / ESP and EtherIP services). The type names used
// without the 'struct' keyword below (IPSEC_SERVICES, CEDAR, LOCK, ...) are not
// declared in this header; they are expected to come in through Cedar.h.

#ifndef PROTO_IPSEC_H
#define PROTO_IPSEC_H

#include "Cedar.h"

//// Constants

// UDP port number
#define IPSEC_PORT_L2TP					1701		// L2TP
#define IPSEC_PORT_IPSEC_ISAKMP			500			// ISAKMP
#define IPSEC_PORT_IPSEC_ESP_UDP		4500		// IPsec ESP over UDP
// The two raw-mode entries are not UDP ports: they wrap an IP protocol number
// with MAKE_SPECIAL_PORT, which is defined outside this header.
#define IPSEC_PORT_IPSEC_ESP_RAW		MAKE_SPECIAL_PORT(50)	// Raw mode ESP Protocol No: 50
#define IPSEC_PORT_IPSEC_ESP_RAW_WPF	MAKE_SPECIAL_PORT(52)	// Raw mode ESP Protocol No: 52 (WFP; the macro name spells it "WPF")
// 1000001 is above the 16-bit port range, so it cannot collide with a real UDP port.
#define IPSEC_PORT_L2TPV3_VIRTUAL		1000001		// L2TPv3 virtual port

// IP protocol number (aliases of constants defined outside this header)
#define IPSEC_IP_PROTO_ETHERIP			IP_PROTO_ETHERIP	// EtherIP
#define IPSEC_IP_PROTO_L2TPV3			IP_PROTO_L2TPV3		// L2TPv3

// WFP tag
// NOTE(review): presumably marker values attached to ESP packets that pass
// through the Windows helper module - confirm where they are written and checked.
#define WFP_ESP_PACKET_TAG_1			0x19841117
#define WFP_ESP_PACKET_TAG_2			0x1accafe1

// Monitoring interval of OS service
// NOTE(review): units are not stated here; 5 * 60 * 1000 reads as five minutes
// in milliseconds - confirm against IPsecOsServiceCheckThread.
#define IPSEC_CHECK_OS_SERVICE_INTERVAL_INITIAL	1024
#define IPSEC_CHECK_OS_SERVICE_INTERVAL_MAX		(5 * 60 * 1000)

// Default IPsec pre-shared key
// NOTE(review): this value is short and publicly known, so as an IKE pre-shared
// key it provides no secrecy. It should only ever act as a placeholder that the
// administrator replaces before an IPsec service is enabled. Where the default
// is applied is not visible from this header - confirm in Proto_IPsec.c.
#define IPSEC_DEFAULT_SECRET			"vpn"


//// Type

// List of services provided by IPsec server
struct IPSEC_SERVICES
{
	bool L2TP_Raw;						// Raw L2TP
	bool L2TP_IPsec;					// L2TP over IPsec
	bool EtherIP_IPsec;					// EtherIP over IPsec

	// Both strings are fixed-size buffers; anything copied in must be bounded by MAX_SIZE.
	char IPsec_Secret[MAX_SIZE];		// IPsec pre-shared key
	char L2TP_DefaultHub[MAX_SIZE];		// Default Virtual HUB name for L2TP connection
};

// EtherIP key list entry
struct ETHERIP_ID
{
	char Id[MAX_SIZE];						// ID
	char HubName[MAX_HUBNAME_LEN + 1];		// Virtual HUB name
	char UserName[MAX_USERNAME_LEN + 1];	// User name
	// NOTE(review): sized with the user-name limit rather than a password-specific
	// one - confirm this matches the longest password accepted elsewhere, otherwise
	// longer values have to be truncated or rejected when copied into this field.
	char Password[MAX_USERNAME_LEN + 1];	// Password
};

// IPsec server
struct IPSEC_SERVER
{
	CEDAR *Cedar;						// Cedar object (presumably the one passed to NewIPsecServer - confirm)
	UDPLISTENER *UdpListener;			// UDP listener (presumably the source of IPsecServerUdpPacketRecvProc calls - confirm)
	bool Halt;							// Halt flag
	bool NoMoreChangeSettings;			// Flag; by its name it blocks further setting changes - confirm
	LOCK *LockSettings;					// Lock; presumably guards Services and the EtherIP list - confirm
	IPSEC_SERVICES Services;			// Service settings, embedded by value (includes the pre-shared key)
	L2TP_SERVER *L2TP;					// L2TP server
	IKE_SERVER *Ike;					// IKE server
	LIST *EtherIPIdList;				// EtherIP setting list
	UINT EtherIPIdListSettingVerNo;		// EtherIP setting list version number
	THREAD *OsServiceCheckThread;		// OS Service monitoring thread
	EVENT *OsServiceCheckThreadEvent;	// Event for OS Service monitoring thread
	IPSEC_WIN7 *Win7;					// Helper module for Windows Vista / 7
	bool Check_LastEnabledStatus;		// State flag; meaning not visible from this header
	bool HostIPAddressListChanged;		// State flag; meaning not visible from this header
	bool OsServiceStoped;				// State flag; meaning not visible from this header
};


//// Function prototype
// Definitions are in Proto_IPsec.c. Ownership of the pointers passed in and any
// locking the caller must hold are not visible from this header.

// Server lifetime
IPSEC_SERVER *NewIPsecServer(CEDAR *cedar);
void FreeIPsecServer(IPSEC_SERVER *s);

// Packet input
void IPsecServerUdpPacketRecvProc(UDPLISTENER *u, LIST *packet_list);
void IPsecProcPacket(IPSEC_SERVER *s, UDPPACKET *p);

// Service settings (the IPSEC_SERVICES argument carries the pre-shared key)
void IPsecServerSetServices(IPSEC_SERVER *s, IPSEC_SERVICES *sl);
void IPsecNormalizeServiceSetting(IPSEC_SERVER *s);
void IPsecServerGetServices(IPSEC_SERVER *s, IPSEC_SERVICES *sl);

// EtherIP setting list
// CmpEtherIPId takes two untyped pointers and returns int; presumably the
// comparison callback for EtherIPIdList - confirm.
int CmpEtherIPId(void *p1, void *p2);
bool SearchEtherIPId(IPSEC_SERVER *s, ETHERIP_ID *id, char *id_str);
void AddEtherIPId(IPSEC_SERVER *s, ETHERIP_ID *id);
bool DeleteEtherIPId(IPSEC_SERVER *s, char *id_str);

// OS service monitoring
void IPsecOsServiceCheckThread(THREAD *t, void *p);
bool IPsecCheckOsService(IPSEC_SERVER *s);


#endif	// PROTO_IPSEC_H
