diff options
| author | Niels Provos <provos@cvs.openbsd.org> | 1999-03-27 21:04:22 +0000 |
|---|---|---|
| committer | Niels Provos <provos@cvs.openbsd.org> | 1999-03-27 21:04:22 +0000 |
| commit | defd96f785a6fc79d07307a2e69e27c048f432af (patch) | |
| tree | 22a5f004782330ad329e92ec854e4f9bb9d51b5c /sys/netinet/in.h | |
| parent | bdf0fa84baff8b71398e2760eb959d794df83839 (diff) | |
add SADB_X_BINDSA to pfkey allowing incoming SAs to refer to an outgoing
SA to be used, use this SA in ip_output if available. allow mobile road
warriors for bind SAs with wildcard dst and src addresses. check IPSEC
AUTH and ESP level when receiving packets, drop them if protection is
insufficient. add stats to show dropped packets because of insufficient
IPSEC protection. -- phew. this was all done in canada. dugsong and linh
provided the ride and company.
Diffstat (limited to 'sys/netinet/in.h')
| -rw-r--r-- | sys/netinet/in.h | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/sys/netinet/in.h b/sys/netinet/in.h index 38bd73db826..d58c46f1bc5 100644 --- a/sys/netinet/in.h +++ b/sys/netinet/in.h @@ -1,4 +1,4 @@ -/* $OpenBSD: in.h,v 1.20 1999/03/24 02:31:03 cmetz Exp $ */ +/* $OpenBSD: in.h,v 1.21 1999/03/27 21:04:21 provos Exp $ */ /* $NetBSD: in.h,v 1.20 1996/02/13 23:41:47 christos Exp $ */ /* @@ -379,6 +379,8 @@ struct ip_opts { #define ICMPV6_FILTER 38 /* struct icmpv6_filter; get/set filter */ #define ICMP6_FILTER ICMP6_FILTER +#define IPSEC_OUTSA 39 /* set the outbound SA for a socket */ + /* * Security levels - IPsec, not IPSO */ |