1 /** 2 * This file has no copyright assigned and is placed in the Public Domain. 3 * This file is part of the mingw-w64 runtime package. 4 * No warranty is given; refer to the file DISCLAIMER.PD within this package. 5 */ 6 #ifndef _INC_IPSECTYPES 7 #define _INC_IPSECTYPES 8 #include <iketypes.h> 9 10 #ifdef __cplusplus 11 extern "C" { 12 #endif 13 14 #if (_WIN32_WINNT >= 0x0600) 15 16 typedef UINT8 IPSEC_AUTH_CONFIG; 17 typedef UINT8 IPSEC_CIPHER_CONFIG; 18 typedef UINT32 IPSEC_SA_SPI; 19 typedef UINT64 IPSEC_TOKEN_HANDLE; 20 typedef GUID IPSEC_CRYPTO_MODULE_ID; 21 22 #ifndef __IPSEC_SA_TRANSFORM0_FWD_DECLARED 23 #define __IPSEC_SA_TRANSFORM0_FWD_DECLARED 24 typedef struct IPSEC_SA_TRANSFORM0_ IPSEC_SA_TRANSFORM0; 25 #endif /* __IPSEC_SA_TRANSFORM0_FWD_DECLARED */ 26 27 #ifndef __FWPM_FILTER0_FWD_DECLARED 28 #define __FWPM_FILTER0_FWD_DECLARED 29 typedef struct FWPM_FILTER0_ FWPM_FILTER0; 30 #endif /* __FWPM_FILTER0_FWD_DECLARED */ 31 32 typedef enum IPSEC_FAILURE_POINT_ { 33 IPSEC_FAILURE_NONE, 34 IPSEC_FAILURE_ME, 35 IPSEC_FAILURE_PEER, 36 IPSEC_FAILURE_POINT_MAX 37 } IPSEC_FAILURE_POINT; 38 39 typedef enum IPSEC_TRAFFIC_TYPE_ { 40 IPSEC_TRAFFIC_TYPE_TRANSPORT, 41 IPSEC_TRAFFIC_TYPE_TUNNEL, 42 IPSEC_TRAFFIC_TYPE_MAX 43 } IPSEC_TRAFFIC_TYPE; 44 45 typedef enum IPSEC_PFS_GROUP_ { 46 IPSEC_PFS_NONE, 47 IPSEC_PFS_1, 48 IPSEC_PFS_2, 49 IPSEC_PFS_2048, 50 IPSEC_PFS_ECP_256, 51 IPSEC_PFS_ECP_384, 52 IPSEC_PFS_MM, 53 IPSEC_PFS_MAX 54 } IPSEC_PFS_GROUP; 55 56 typedef enum IPSEC_TRANSFORM_TYPE_ { 57 IPSEC_TRANSFORM_AH = 1, 58 IPSEC_TRANSFORM_ESP_AUTH, 59 IPSEC_TRANSFORM_ESP_CIPHER, 60 IPSEC_TRANSFORM_ESP_AUTH_AND_CIPHER, 61 IPSEC_TRANSFORM_ESP_AUTH_FW, 62 IPSEC_TRANSFORM_TYPE_MAX 63 } IPSEC_TRANSFORM_TYPE; 64 65 typedef enum IPSEC_AUTH_TYPE_ { 66 IPSEC_AUTH_MD5, 67 IPSEC_AUTH_SHA_1, 68 IPSEC_AUTH_SHA_256, 69 IPSEC_AUTH_AES_128, 70 IPSEC_AUTH_AES_192, 71 IPSEC_AUTH_AES_256, 72 IPSEC_AUTH_MAX 73 } IPSEC_AUTH_TYPE; 74 75 typedef enum IPSEC_CIPHER_TYPE_ { 76 IPSEC_CIPHER_TYPE_DES = 1, 77 IPSEC_CIPHER_TYPE_3DES, 78 IPSEC_CIPHER_TYPE_AES_128, 79 IPSEC_CIPHER_TYPE_AES_192, 80 IPSEC_CIPHER_TYPE_AES_256, 81 IPSEC_CIPHER_TYPE_MAX 82 } IPSEC_CIPHER_TYPE; 83 84 typedef enum IPSEC_TOKEN_MODE_ { 85 IPSEC_TOKEN_MODE_MAIN, 86 IPSEC_TOKEN_MODE_EXTENDED, 87 IPSEC_TOKEN_MODE_MAX 88 } IPSEC_TOKEN_MODE; 89 90 typedef enum IPSEC_TOKEN_PRINCIPAL_ { 91 IPSEC_TOKEN_PRINCIPAL_LOCAL, 92 IPSEC_TOKEN_PRINCIPAL_PEER, 93 IPSEC_TOKEN_PRINCIPAL_MAX 94 } IPSEC_TOKEN_PRINCIPAL; 95 96 typedef enum IPSEC_TOKEN_TYPE_ { 97 IPSEC_TOKEN_TYPE_MACHINE, 98 IPSEC_TOKEN_TYPE_IMPERSONATION, 99 IPSEC_TOKEN_TYPE_MAX 100 } IPSEC_TOKEN_TYPE; 101 102 typedef struct IPSEC_SA_LIFETIME0_ { 103 UINT32 lifetimeSeconds; 104 UINT32 lifetimeKilobytes; 105 UINT32 lifetimePackets; 106 } IPSEC_SA_LIFETIME0; 107 108 typedef struct IPSEC_KEYING_POLICY0_ { 109 UINT32 numKeyMods; 110 GUID *keyModKeys; 111 } IPSEC_KEYING_POLICY0; 112 113 typedef struct IPSEC_SA_IDLE_TIMEOUT0_ { 114 UINT32 idleTimeoutSeconds; 115 UINT32 idleTimeoutSecondsFailOver; 116 } IPSEC_SA_IDLE_TIMEOUT0; 117 118 typedef struct IPSEC_PROPOSAL0_ { 119 IPSEC_SA_LIFETIME0 lifetime; 120 UINT32 numSaTransforms; 121 IPSEC_SA_TRANSFORM0 *saTransforms; 122 IPSEC_PFS_GROUP pfsGroup; 123 } IPSEC_PROPOSAL0; 124 125 typedef struct IPSEC_TRANSPORT_POLICY0_ { 126 UINT32 numIpsecProposals; 127 IPSEC_PROPOSAL0 *ipsecProposals; 128 UINT32 flags; 129 UINT32 ndAllowClearTimeoutSeconds; 130 IPSEC_SA_IDLE_TIMEOUT0 saIdleTimeout; 131 IKEEXT_EM_POLICY0 *emPolicy; 132 } IPSEC_TRANSPORT_POLICY0; 133 134 typedef struct IPSEC_AUTH_TRANSFORM_ID0_ { 135 IPSEC_AUTH_TYPE authType; 136 IPSEC_AUTH_CONFIG authConfig; 137 } IPSEC_AUTH_TRANSFORM_ID0; 138 139 typedef struct IPSEC_AUTH_TRANSFORM0_ { 140 IPSEC_AUTH_TRANSFORM_ID0 authTransformId; 141 IPSEC_CRYPTO_MODULE_ID *cryptoModuleId; 142 } IPSEC_AUTH_TRANSFORM0; 143 144 typedef struct IPSEC_CIPHER_TRANSFORM_ID0_ { 145 IPSEC_CIPHER_TYPE cipherType; 146 IPSEC_CIPHER_CONFIG cipherConfig; 147 } IPSEC_CIPHER_TRANSFORM_ID0; 148 149 typedef struct IPSEC_CIPHER_TRANSFORM0_ { 150 IPSEC_CIPHER_TRANSFORM_ID0 cipherTransformId; 151 IPSEC_CRYPTO_MODULE_ID *cryptoModuleId; 152 } IPSEC_CIPHER_TRANSFORM0; 153 154 typedef struct IPSEC_AUTH_AND_CIPHER_TRANSFORM0_ { 155 IPSEC_AUTH_TRANSFORM0 authTransform; 156 IPSEC_CIPHER_TRANSFORM0 cipherTransform; 157 } IPSEC_AUTH_AND_CIPHER_TRANSFORM0; 158 159 typedef struct IPSEC_SA_TRANSFORM0_ { 160 IPSEC_TRANSFORM_TYPE ipsecTransformType; 161 __C89_NAMELESS union { 162 IPSEC_AUTH_TRANSFORM0 *ahTransform; 163 IPSEC_AUTH_TRANSFORM0 *espAuthTransform; 164 IPSEC_CIPHER_TRANSFORM0 *espCipherTransform; 165 IPSEC_AUTH_AND_CIPHER_TRANSFORM0 *espAuthAndCipherTransform; 166 IPSEC_AUTH_TRANSFORM0 *espAuthFwTransform; 167 }; 168 } IPSEC_SA_TRANSFORM0; 169 170 typedef struct IPSEC_TUNNEL_ENDPOINTS0_ { 171 FWP_IP_VERSION ipVersion; 172 __C89_NAMELESS union { 173 UINT32 localV4Address; 174 UINT8 localV6Address[16]; 175 }; 176 __C89_NAMELESS union { 177 UINT32 remoteV4Address; 178 UINT8 remoteV6Address[16]; 179 }; 180 } IPSEC_TUNNEL_ENDPOINTS0; 181 182 typedef struct IPSEC_TUNNEL_POLICY0_ { 183 UINT32 flags; 184 UINT32 numIpsecProposals; 185 IPSEC_PROPOSAL0 *ipsecProposals; 186 IPSEC_TUNNEL_ENDPOINTS0 tunnelEndpoints; 187 IPSEC_SA_IDLE_TIMEOUT0 saIdleTimeout; 188 IKEEXT_EM_POLICY0 *emPolicy; 189 } IPSEC_TUNNEL_POLICY0; 190 191 typedef struct IPSEC_V4_UDP_ENCAPSULATION0_ { 192 UINT16 localUdpEncapPort; 193 UINT16 remoteUdpEncapPort; 194 } IPSEC_V4_UDP_ENCAPSULATION0; 195 196 typedef struct IPSEC_AGGREGATE_SA_STATISTICS0_ { 197 UINT32 activeSas; 198 UINT32 pendingSaNegotiations; 199 UINT32 totalSasAdded; 200 UINT32 totalSasDeleted; 201 UINT32 successfulRekeys; 202 UINT32 activeTunnels; 203 UINT32 offloadedSas; 204 } IPSEC_AGGREGATE_SA_STATISTICS0; 205 206 typedef struct IPSEC_ESP_DROP_PACKET_STATISTICS0_ { 207 UINT32 invalidSpisOnInbound; 208 UINT32 decryptionFailuresOnInbound; 209 UINT32 authenticationFailuresOnInbound; 210 UINT32 replayCheckFailuresOnInbound; 211 UINT32 saNotInitializedOnInbound; 212 } IPSEC_ESP_DROP_PACKET_STATISTICS0; 213 214 typedef struct IPSEC_AH_DROP_PACKET_STATISTICS0_ { 215 UINT32 invalidSpisOnInbound; 216 UINT32 authenticationFailuresOnInbound; 217 UINT32 replayCheckFailuresOnInbound; 218 UINT32 saNotInitializedOnInbound; 219 } IPSEC_AH_DROP_PACKET_STATISTICS0; 220 221 typedef struct IPSEC_AGGREGATE_DROP_PACKET_STATISTICS0_ { 222 UINT32 invalidSpisOnInbound; 223 UINT32 decryptionFailuresOnInbound; 224 UINT32 authenticationFailuresOnInbound; 225 UINT32 udpEspValidationFailuresOnInbound; 226 UINT32 replayCheckFailuresOnInbound; 227 UINT32 invalidClearTextInbound; 228 UINT32 saNotInitializedOnInbound; 229 UINT32 receiveOverIncorrectSaInbound; 230 UINT32 secureReceivesNotMatchingFilters; 231 } IPSEC_AGGREGATE_DROP_PACKET_STATISTICS0; 232 233 typedef struct IPSEC_TRAFFIC_STATISTICS0_ { 234 UINT64 encryptedByteCount; 235 UINT64 authenticatedAHByteCount; 236 UINT64 authenticatedESPByteCount; 237 UINT64 transportByteCount; 238 UINT64 tunnelByteCount; 239 UINT64 offloadByteCount; 240 } IPSEC_TRAFFIC_STATISTICS0; 241 242 typedef struct IPSEC_STATISTICS0_ { 243 IPSEC_AGGREGATE_SA_STATISTICS0 aggregateSaStatistics; 244 IPSEC_ESP_DROP_PACKET_STATISTICS0 espDropPacketStatistics; 245 IPSEC_AH_DROP_PACKET_STATISTICS0 ahDropPacketStatistics; 246 IPSEC_AGGREGATE_DROP_PACKET_STATISTICS0 aggregateDropPacketStatistics; 247 IPSEC_TRAFFIC_STATISTICS0 inboundTrafficStatistics; 248 IPSEC_TRAFFIC_STATISTICS0 outboundTrafficStatistics; 249 } IPSEC_STATISTICS0; 250 251 typedef struct IPSEC_TOKEN0_ { 252 IPSEC_TOKEN_TYPE type; 253 IPSEC_TOKEN_PRINCIPAL principal; 254 IPSEC_TOKEN_MODE mode; 255 IPSEC_TOKEN_HANDLE token; 256 } IPSEC_TOKEN0; 257 258 typedef struct IPSEC_ID0_ { 259 wchar_t *mmTargetName; 260 wchar_t *emTargetName; 261 UINT32 numTokens; 262 IPSEC_TOKEN0 *tokens; 263 UINT64 explicitCredentials; 264 UINT64 logonId; 265 } IPSEC_ID0; 266 267 typedef struct IPSEC_SA_AUTH_INFORMATION0_ { 268 IPSEC_AUTH_TRANSFORM0 authTransform; 269 FWP_BYTE_BLOB authKey; 270 } IPSEC_SA_AUTH_INFORMATION0; 271 272 typedef struct IPSEC_SA_CIPHER_INFORMATION0_ { 273 IPSEC_CIPHER_TRANSFORM0 cipherTransform; 274 FWP_BYTE_BLOB cipherKey; 275 } IPSEC_SA_CIPHER_INFORMATION0; 276 277 typedef struct IPSEC_SA_AUTH_AND_CIPHER_INFORMATION0_ { 278 IPSEC_SA_CIPHER_INFORMATION0 saCipherInformation; 279 IPSEC_SA_AUTH_INFORMATION0 saAuthInformation; 280 } IPSEC_SA_AUTH_AND_CIPHER_INFORMATION0; 281 282 typedef struct IPSEC_SA0_ { 283 IPSEC_SA_SPI spi; 284 IPSEC_TRANSFORM_TYPE saTransformType; 285 __C89_NAMELESS union { 286 IPSEC_SA_AUTH_INFORMATION0 *ahInformation; 287 IPSEC_SA_AUTH_INFORMATION0 *espAuthInformation; 288 IPSEC_SA_CIPHER_INFORMATION0 *espCipherInformation; 289 IPSEC_SA_AUTH_AND_CIPHER_INFORMATION0 *espAuthAndCipherInformation; 290 IPSEC_SA_AUTH_INFORMATION0 *espAuthFwInformation; 291 }; 292 } IPSEC_SA0; 293 294 typedef struct IPSEC_KEYMODULE_STATE0_ { 295 GUID keyModuleKey; 296 FWP_BYTE_BLOB stateBlob; 297 } IPSEC_KEYMODULE_STATE0; 298 299 typedef struct IPSEC_SA_BUNDLE0_ { 300 UINT32 flags; 301 IPSEC_SA_LIFETIME0 lifetime; 302 UINT32 idleTimeoutSeconds; 303 UINT32 ndAllowClearTimeoutSeconds; 304 IPSEC_ID0 *ipsecId; 305 UINT32 napContext; 306 UINT32 qmSaId; 307 UINT32 numSAs; 308 IPSEC_SA0 *saList; 309 IPSEC_KEYMODULE_STATE0 *keyModuleState; 310 FWP_IP_VERSION ipVersion; 311 __C89_NAMELESS union { 312 UINT32 peerV4PrivateAddress; 313 ; // case(FWP_IP_VERSION_V6) 314 }; 315 UINT64 mmSaId; 316 IPSEC_PFS_GROUP pfsGroup; 317 } IPSEC_SA_BUNDLE0; 318 319 typedef struct IPSEC_TRAFFIC0_ { 320 FWP_IP_VERSION ipVersion; 321 __C89_NAMELESS union { 322 UINT32 localV4Address; 323 UINT8 localV6Address[16]; 324 }; 325 __C89_NAMELESS union { 326 UINT32 remoteV4Address; 327 UINT8 remoteV6Address[16]; 328 }; 329 IPSEC_TRAFFIC_TYPE trafficType; 330 __C89_NAMELESS union { 331 UINT64 ipsecFilterId; 332 UINT64 tunnelPolicyId; 333 }; 334 UINT16 remotePort; 335 } IPSEC_TRAFFIC0; 336 337 typedef struct IPSEC_SA_DETAILS0_ { 338 FWP_IP_VERSION ipVersion; 339 FWP_DIRECTION saDirection; 340 IPSEC_TRAFFIC0 traffic; 341 IPSEC_SA_BUNDLE0 saBundle; 342 __C89_NAMELESS union { 343 IPSEC_V4_UDP_ENCAPSULATION0 *udpEncapsulation; 344 ; // case(FWP_IP_VERSION_V6) 345 }; 346 FWPM_FILTER0 *transportFilter; 347 } IPSEC_SA_DETAILS0; 348 349 typedef struct IPSEC_SA_CONTEXT0_ { 350 UINT64 saContextId; 351 IPSEC_SA_DETAILS0 *inboundSa; 352 IPSEC_SA_DETAILS0 *outboundSa; 353 } IPSEC_SA_CONTEXT0; 354 355 typedef struct IPSEC_GETSPI0_ { 356 IPSEC_TRAFFIC0 inboundIpsecTraffic; 357 FWP_IP_VERSION ipVersion; 358 __C89_NAMELESS union { 359 IPSEC_V4_UDP_ENCAPSULATION0 *inboundUdpEncapsulation; 360 ; // case(FWP_IP_VERSION_V6) 361 }; 362 IPSEC_CRYPTO_MODULE_ID *rngCryptoModuleID; 363 } IPSEC_GETSPI0; 364 365 typedef struct IPSEC_SA_ENUM_TEMPLATE0_ { 366 FWP_DIRECTION saDirection; 367 } IPSEC_SA_ENUM_TEMPLATE0; 368 369 typedef struct IPSEC_SA_CONTEXT_ENUM_TEMPLATE0_ { 370 FWP_CONDITION_VALUE0 localSubNet; 371 FWP_CONDITION_VALUE0 remoteSubNet; 372 } IPSEC_SA_CONTEXT_ENUM_TEMPLATE0; 373 374 #endif /*(_WIN32_WINNT >= 0x0600)*/ 375 #if (_WIN32_WINNT >= 0x0601) 376 377 typedef struct IPSEC_TUNNEL_ENDPOINTS1_ { 378 FWP_IP_VERSION ipVersion; 379 __C89_NAMELESS union { 380 UINT32 localV4Address; 381 UINT8 localV6Address[16]; 382 }; 383 __C89_NAMELESS union { 384 UINT32 remoteV4Address; 385 UINT8 remoteV6Address[16]; 386 }; 387 UINT64 localIfLuid; 388 } IPSEC_TUNNEL_ENDPOINTS1; 389 390 typedef struct IPSEC_TUNNEL_POLICY1_ { 391 UINT32 flags; 392 UINT32 numIpsecProposals; 393 IPSEC_PROPOSAL0 *ipsecProposals; 394 IPSEC_TUNNEL_ENDPOINTS1 tunnelEndpoints; 395 IPSEC_SA_IDLE_TIMEOUT0 saIdleTimeout; 396 IKEEXT_EM_POLICY1 *emPolicy; 397 } IPSEC_TUNNEL_POLICY1; 398 399 typedef struct IPSEC_TRANSPORT_POLICY1_ { 400 UINT32 numIpsecProposals; 401 IPSEC_PROPOSAL0 *ipsecProposals; 402 UINT32 flags; 403 UINT32 ndAllowClearTimeoutSeconds; 404 IPSEC_SA_IDLE_TIMEOUT0 saIdleTimeout; 405 IKEEXT_EM_POLICY1 *emPolicy; 406 } IPSEC_TRANSPORT_POLICY1; 407 408 typedef struct _IPSEC_DOSP_OPTIONS0 { 409 UINT32 stateIdleTimeoutSeconds; 410 UINT32 perIPRateLimitQueueIdleTimeoutSeconds; 411 UINT8 ipV6IPsecUnauthDscp; 412 UINT32 ipV6IPsecUnauthRateLimitBytesPerSec; 413 UINT32 ipV6IPsecUnauthPerIPRateLimitBytesPerSec; 414 UINT8 ipV6IPsecAuthDscp; 415 UINT32 ipV6IPsecAuthRateLimitBytesPerSec; 416 UINT8 icmpV6Dscp; 417 UINT32 icmpV6RateLimitBytesPerSec; 418 UINT8 ipV6FilterExemptDscp; 419 UINT32 ipV6FilterExemptRateLimitBytesPerSec; 420 UINT8 defBlockExemptDscp; 421 UINT32 defBlockExemptRateLimitBytesPerSec; 422 UINT32 maxStateEntries; 423 UINT32 maxPerIPRateLimitQueues; 424 UINT32 flags; 425 UINT32 numPublicIFLuids; 426 UINT64 *publicIFLuids; 427 UINT32 numInternalIFLuids; 428 UINT64 *internalIFLuids; 429 FWP_V6_ADDR_AND_MASK publicV6AddrMask; 430 FWP_V6_ADDR_AND_MASK internalV6AddrMask; 431 } IPSEC_DOSP_OPTIONS0; 432 433 typedef struct _IPSEC_DOSP_STATISTICS0 { 434 UINT64 totalStateEntriesCreated; 435 UINT64 currentStateEntries; 436 UINT64 totalInboundAllowedIPv6IPsecUnauthPkts; 437 UINT64 totalInboundRatelimitDiscardedIPv6IPsecUnauthPkts; 438 UINT64 totalInboundPerIPRatelimitDiscardedIPv6IPsecUnauthPkts; 439 UINT64 totalInboundOtherDiscardedIPv6IPsecUnauthPkts; 440 UINT64 totalInboundAllowedIPv6IPsecAuthPkts; 441 UINT64 totalInboundRatelimitDiscardedIPv6IPsecAuthPkts; 442 UINT64 totalInboundOtherDiscardedIPv6IPsecAuthPkts; 443 UINT64 totalInboundAllowedICMPv6Pkts; 444 UINT64 totalInboundRatelimitDiscardedICMPv6Pkts; 445 UINT64 totalInboundAllowedIPv6FilterExemptPkts; 446 UINT64 totalInboundRatelimitDiscardedIPv6FilterExemptPkts; 447 UINT64 totalInboundDiscardedIPv6FilterBlockPkts; 448 UINT64 totalInboundAllowedDefBlockExemptPkts; 449 UINT64 totalInboundRatelimitDiscardedDefBlockExemptPkts; 450 UINT64 totalInboundDiscardedDefBlockPkts; 451 UINT64 currentInboundIPv6IPsecUnauthPerIPRateLimitQueues; 452 } IPSEC_DOSP_STATISTICS0; 453 454 typedef struct _IPSEC_DOSP_STATE_ENUM_TEMPLATE0 { 455 FWP_V6_ADDR_AND_MASK publicV6AddrMask; 456 FWP_V6_ADDR_AND_MASK internalV6AddrMask; 457 } IPSEC_DOSP_STATE_ENUM_TEMPLATE0; 458 459 typedef struct _IPSEC_DOSP_STATE0 { 460 UINT8 publicHostV6Addr[16]; 461 UINT8 internalHostV6Addr[16]; 462 UINT64 totalInboundIPv6IPsecAuthPackets; 463 UINT64 totalOutboundIPv6IPsecAuthPackets; 464 UINT32 durationSecs; 465 } IPSEC_DOSP_STATE0; 466 467 typedef struct IPSEC_TRAFFIC_STATISTICS1_ { 468 UINT64 encryptedByteCount; 469 UINT64 authenticatedAHByteCount; 470 UINT64 authenticatedESPByteCount; 471 UINT64 transportByteCount; 472 UINT64 tunnelByteCount; 473 UINT64 offloadByteCount; 474 UINT64 totalSuccessfulPackets; 475 } IPSEC_TRAFFIC_STATISTICS1; 476 477 typedef struct IPSEC_AGGREGATE_DROP_PACKET_STATISTICS1_ { 478 UINT32 invalidSpisOnInbound; 479 UINT32 decryptionFailuresOnInbound; 480 UINT32 authenticationFailuresOnInbound; 481 UINT32 udpEspValidationFailuresOnInbound; 482 UINT32 replayCheckFailuresOnInbound; 483 UINT32 invalidClearTextInbound; 484 UINT32 saNotInitializedOnInbound; 485 UINT32 receiveOverIncorrectSaInbound; 486 UINT32 secureReceivesNotMatchingFilters; 487 UINT32 totalDropPacketsInbound; 488 } IPSEC_AGGREGATE_DROP_PACKET_STATISTICS1; 489 490 typedef struct IPSEC_STATISTICS1_ { 491 IPSEC_AGGREGATE_SA_STATISTICS0 aggregateSaStatistics; 492 IPSEC_ESP_DROP_PACKET_STATISTICS0 espDropPacketStatistics; 493 IPSEC_AH_DROP_PACKET_STATISTICS0 ahDropPacketStatistics; 494 IPSEC_AGGREGATE_DROP_PACKET_STATISTICS1 aggregateDropPacketStatistics; 495 IPSEC_TRAFFIC_STATISTICS1 inboundTrafficStatistics; 496 IPSEC_TRAFFIC_STATISTICS1 outboundTrafficStatistics; 497 } IPSEC_STATISTICS1; 498 499 typedef struct IPSEC_SA_BUNDLE1_ { 500 UINT32 flags; 501 IPSEC_SA_LIFETIME0 lifetime; 502 UINT32 idleTimeoutSeconds; 503 UINT32 ndAllowClearTimeoutSeconds; 504 IPSEC_ID0 *ipsecId; 505 UINT32 napContext; 506 UINT32 qmSaId; 507 UINT32 numSAs; 508 IPSEC_SA0 *saList; 509 IPSEC_KEYMODULE_STATE0 *keyModuleState; 510 FWP_IP_VERSION ipVersion; 511 __C89_NAMELESS union { 512 UINT32 peerV4PrivateAddress; 513 ; // case(FWP_IP_VERSION_V6) 514 }; 515 UINT64 mmSaId; 516 IPSEC_PFS_GROUP pfsGroup; 517 GUID saLookupContext; 518 UINT64 qmFilterId; 519 } IPSEC_SA_BUNDLE1; 520 521 typedef struct _IPSEC_VIRTUAL_IF_TUNNEL_INFO0 { 522 UINT64 virtualIfTunnelId; 523 UINT64 trafficSelectorId; 524 } IPSEC_VIRTUAL_IF_TUNNEL_INFO0; 525 526 typedef struct IPSEC_TRAFFIC1_ { 527 FWP_IP_VERSION ipVersion; 528 __C89_NAMELESS union { 529 UINT32 localV4Address; 530 UINT8 localV6Address[16]; 531 }; 532 __C89_NAMELESS union { 533 UINT32 remoteV4Address; 534 UINT8 remoteV6Address[16]; 535 }; 536 IPSEC_TRAFFIC_TYPE trafficType; 537 __C89_NAMELESS union { 538 UINT64 ipsecFilterId; 539 UINT64 tunnelPolicyId; 540 }; 541 UINT16 remotePort; 542 UINT16 localPort; 543 UINT8 ipProtocol; 544 UINT64 localIfLuid; 545 UINT32 realIfProfileId; 546 } IPSEC_TRAFFIC1; 547 548 typedef struct IPSEC_SA_DETAILS1_ { 549 FWP_IP_VERSION ipVersion; 550 FWP_DIRECTION saDirection; 551 IPSEC_TRAFFIC1 traffic; 552 IPSEC_SA_BUNDLE1 saBundle; 553 __C89_NAMELESS union { 554 IPSEC_V4_UDP_ENCAPSULATION0 *udpEncapsulation; 555 ; // case(FWP_IP_VERSION_V6) 556 }; 557 FWPM_FILTER0 *transportFilter; 558 IPSEC_VIRTUAL_IF_TUNNEL_INFO0 *virtualIfTunnelInfo; 559 } IPSEC_SA_DETAILS1; 560 561 typedef struct IPSEC_SA_CONTEXT1_ { 562 UINT64 saContextId; 563 IPSEC_SA_DETAILS1 *inboundSa; 564 IPSEC_SA_DETAILS1 *outboundSa; 565 } IPSEC_SA_CONTEXT1; 566 567 typedef struct IPSEC_GETSPI1_ { 568 IPSEC_TRAFFIC1 inboundIpsecTraffic; 569 FWP_IP_VERSION ipVersion; 570 __C89_NAMELESS union { 571 IPSEC_V4_UDP_ENCAPSULATION0 *inboundUdpEncapsulation; 572 ; // case(FWP_IP_VERSION_V6) 573 }; 574 IPSEC_CRYPTO_MODULE_ID *rngCryptoModuleID; 575 } IPSEC_GETSPI1; 576 577 typedef struct _IPSEC_ADDRESS_INFO0 { 578 UINT32 numV4Addresses; 579 UINT32 *v4Addresses; 580 UINT32 numV6Addresses; 581 FWP_BYTE_ARRAY16 *v6Addresses; 582 } IPSEC_ADDRESS_INFO0; 583 584 #endif /*(_WIN32_WINNT >= 0x0601)*/ 585 #ifdef __cplusplus 586 } 587 #endif 588 589 #endif /*_INC_IPSECTYPES*/ 590