diff options
-rw-r--r-- | share/man/man4/Makefile | 4 | ||||
-rw-r--r-- | share/man/man4/options.4 | 9 | ||||
-rw-r--r-- | share/man/man4/pipex.4 | 296 |
3 files changed, 304 insertions, 5 deletions
diff --git a/share/man/man4/Makefile b/share/man/man4/Makefile index 1e0332b2255..68ec9649bda 100644 --- a/share/man/man4/Makefile +++ b/share/man/man4/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.536 2012/09/19 16:33:04 jsg Exp $ +# $OpenBSD: Makefile,v 1.537 2012/09/19 18:30:03 yasuoka Exp $ MAN= aac.4 ac97.4 acphy.4 \ acpi.4 acpiac.4 acpiasus.4 acpibat.4 acpibtn.4 acpicpu.4 acpidock.4 \ @@ -43,7 +43,7 @@ MAN= aac.4 ac97.4 acphy.4 \ owid.4 owctr.4 owsbm.4 \ owtemp.4 pcagpio.4 pcaled.4 pcdisplay.4 pchb.4 pci.4 pcib.4 pcfadc.4 \ pcfiic.4 pciide.4 pckbc.4 pckbd.4 pcmcia.4 pcn.4 pcppi.4 pcscp.4 \ - pf.4 pflog.4 pflow.4 pfsync.4 pgt.4 piixpm.4 pim.4 \ + pf.4 pflog.4 pflow.4 pfsync.4 pgt.4 piixpm.4 pim.4 pipex.4 \ pms.4 ppb.4 ppp.4 pppoe.4 pty.4 puc.4 pwdog.4 qsphy.4 radio.4 \ ral.4 random.4 ray.4 rd.4 rdac.4 re.4 rdcphy.4 rgephy.4 ricohrtc.4 \ rl.4 rlphy.4 route.4 rsu.4 rt.4 rum.4 run.4 \ diff --git a/share/man/man4/options.4 b/share/man/man4/options.4 index 86ab8b7b181..8a370675b90 100644 --- a/share/man/man4/options.4 +++ b/share/man/man4/options.4 @@ -1,4 +1,4 @@ -.\" $OpenBSD: options.4,v 1.227 2012/08/23 14:36:43 jmc Exp $ +.\" $OpenBSD: options.4,v 1.228 2012/09/19 18:30:03 yasuoka Exp $ .\" $NetBSD: options.4,v 1.21 1997/06/25 03:13:00 thorpej Exp $ .\" .\" Copyright (c) 1998 Theo de Raadt @@ -34,7 +34,7 @@ .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" .\" -.Dd $Mdocdate: August 23 2012 $ +.Dd $Mdocdate: September 19 2012 $ .Dt OPTIONS 4 .Os .Sh NAME @@ -536,7 +536,10 @@ See .Xr sysctl 3 for details. .It Cd option PIPEX -Includes PIPEX in-kernel acceleration for PPPoE, L2TP or PPTP. +Includes pipex in-kernel acceleration for PPPoE, L2TP or PPTP. +See +.Xr pipex 4 +for details. .It Cd option PPP_BSDCOMP Enables BSD compressor for PPP connections. .It Cd option PPP_DEFLATE diff --git a/share/man/man4/pipex.4 b/share/man/man4/pipex.4 new file mode 100644 index 00000000000..2a85b840153 --- /dev/null +++ b/share/man/man4/pipex.4 @@ -0,0 +1,296 @@ +.\" $OpenBSD: pipex.4,v 1.1 2012/09/19 18:30:03 yasuoka Exp $ +.\" +.\" Copyright (c) 2012 YASUOKA Masahiko <yasuoka@openbsd.org> +.\" Copyright (c) 2010 SUENAGA Hiroki <hsuenaga@openbsd.org> +.\" +.\" Permission to use, copy, modify, and distribute this software for any +.\" purpose with or without fee is hereby granted, provided that the above +.\" copyright notice and this permission notice appear in all copies. +.\" +.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES +.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR +.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES +.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN +.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF +.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. +.\" +.Dd $Mdocdate: September 19 2012 $ +.Dt PIPEX 4 +.Os +.Sh NAME +.Nm pipex +.Nd "Ppp IP EXtension to handle IP/PPP frames in-kernel" +.Sh SYNOPSIS +.Cd +.Cd "option PIPEX" +.Pp +.Fd #include <sys/socket.h> +.Fd #include <sys/ioctl.h> +.Fd #include <net/piepx.h> +.Sh DESCRIPTION +The +.Nm +used with +.Xr tun 4 +and +.Xr pppx 4 , +and it handles PPP frames and forwards IP packets in-kernel. +This accelerates the performance of packet forwarding, because it reduces +copy of packets between kernel and userland. +.Pp +The +.Nm +is disabled by default. +To enable it, set the +.Va net.pipex.enable +to `1' by +.Xr sysctl 8 +or +.Xr sysctl.conf 5 . +.Pp +The +.Nm +add extensional ioctl request to +.Xr tun 4 +or +.Xr pppx 4 +device. +Added +.Xr ioctl 2 +requests are following: +.Bl -tag -width Ds +.It Dv PIPEXSMODE Fa "int *" +Get the devices's +.Nm +operation mode. +1 for enable +.Nm +on this device, 0 for disable. +.It Dv PIPEXGMODE Fa "int *" +Set the device's +.Nm +operation mode. +1 for enable +.Nm +on this device, 0 for disable. +.It Dv PIPEXASESSION Fa "struct pipex_session_req *" +Add a new PPP sesssion to be handled by the +.Nm . +The status of the session pass by +.Vt pipex_session_req +structure. +The +.Vt pipex_session_req +has following definition. +.Pp +.Bd -literal +struct pipex_session_req { + int pr_protocol; /* tunnel protocol */ +#define PIPEX_PROTO_L2TP 1 /* protocol L2TP */ +#define PIPEX_PROTO_PPTP 2 /* protocol PPTP */ +#define PIPEX_PROTO_PPPOE 3 /* protocol PPPoE */ + uint16_t pr_session_id; /* session-id */ + uint16_t pr_peer_session_id; /* peer's session-id */ + uint32_t pr_ppp_flags; /* ppp configuration flags */ +#define PIPEX_PPP_ACFC_ACCEPTED 0x0001 /* ACFC accepted */ +#define PIPEX_PPP_PFC_ACCEPTED 0x0002 /* PFC accepted */ +#define PIPEX_PPP_ACFC_ENABLED 0x0004 /* ACFC enabled */ +#define PIPEX_PPP_PFC_ENABLED 0x0008 /* PFC enabled */ +#define PIPEX_PPP_MPPE_ACCEPTED 0x0010 /* MPPE accepted */ +#define PIPEX_PPP_MPPE_ENABLED 0x0020 /* MPPE enabled */ +#define PIPEX_PPP_MPPE_REQUIRED 0x0040 /* MPPE is required */ +#define PIPEX_PPP_HAS_ACF 0x0080 /* has ACF */ +#define PIPEX_PPP_ADJUST_TCPMSS 0x0100 /* do tcpmss adjustment */ +#define PIPEX_PPP_INGRESS_FILTER 0x0200 /* do ingress filter */ + int8_t pr_ccp_id; /* ccp current packet id */ + int pr_ppp_id; /* ppp id. */ + uint16_t pr_peer_mru; /* peer's mru */ + uint16_t pr_timeout_sec; /* idle timer */ + + struct in_addr pr_ip_srcaddr; /* local IP address. + not used by tun(4) */ + struct in_addr pr_ip_address; /* framed IP address */ + struct in_addr pr_ip_netmask; /* framed IP netmask */ + struct sockaddr_in6 pr_ip6_address; /* framed IPv6 address */ + int pr_ip6_prefixlen; /* framed IPv6 prefix + length */ + union { + struct { + uint32_t snd_nxt; /* send next */ + uint32_t rcv_nxt; /* receive next */ + uint32_t snd_una; /* unacked */ + uint32_t rcv_acked; /* recv acked */ + int winsz; /* window size */ + int maxwinsz; /* max window size */ + int peer_maxwinsz; /* peer's max window size */ + } pptp; + struct { + /* select protocol options: 1 for enable */ + uint32_t option_flags; + #define PIPEX_L2TP_USE_SEQUENCING 0x00000001 + /* use sequence number + on L2TP data messages */ + + uint16_t tunnel_id; /* our tunnel-id */ + uint16_t peer_tunnel_id; /* peer's tunnel-id */ + uint32_t ns_nxt; /* send next */ + uint32_t nr_nxt; /* receive next */ + uint32_t ns_una; /* unacked */ + uint32_t nr_acked; /* recv acked */ + uint32_t ipsecflowinfo; /* IPsec flow id for NAT-T */ + } l2tp; + struct { + char over_ifname[IF_NAMESIZE]; + /* ethernet ifname */ + } pppoe; + } pr_proto; + struct sockaddr_storage pr_peer_address; + /* peer address of tunnel */ + struct sockaddr_storage pr_local_address; + /* our address of tunnel */ + struct pipex_mppe_req pr_mppe_recv; + /* mppe key for receive */ + struct pipex_mppe_req pr_mppe_send; + /* mppe key for send */ +}; +.Ed +.Pp +The +.Vt pipex_mppe_req +structure that was used by +.Va pr_mppe_recv +and +.Va pr_mppe_send +has following definition: +.Bd -literal +struct pipex_mppe_req { + int16_t stateless; /* mppe key mode. + 1 for stateless */ + int16_t keylenbits; /* mppe key length(in bits)*/ + u_char master_key[PIPEX_MPPE_KEYLEN]; + /* mppe mastter key */ +}; +.Ed +.It Dv PIPEXDSESSION Fa "struct pipex_session_close_req *" +Delete the specified session from the kernel. +Specify the session by +.Vt pipex_session_stat_req +structure that has following definition: +.Bd -literal +struct pipex_session_stat_req { + int psr_protocol; /* tunnel protocol */ + uint16_t psr_session_id; /* session-id */ + struct pipex_statistics psr_stat; /* statistics */ +}; +.Ed +.Pp +It's required to fill +.Va psr_protocol +field and +.Va psr_session_id +field to specify the session. +On successfully returned, the +.Va psr_stat +field is filled by the kernel. +See +.Dv PIPEXGSTAT +section for +.Vt pipex_statistics +structure. +.It Dv PIPEXCSESSION Fa "struct pipex_session_config_req *" +Change configuration of the specified session. +The session and configuration are specified by +.Vt pipex_session_config_req +structure that has following definition: +.Bd -literal +struct pipex_session_config_req { + int pcr_protocol; /* tunnel protocol */ + uint16_t pcr_session_id; /* session-id */ + int pcr_ip_forward; /* ip_forwarding on/off */ +}; +.Ed +.It Dv PIPEXGSTAT Fa "struct pipex_session_stat_req *" +Get a statistics information of the specified session. +Specify the session by +.Vt pipex_session_stat_req +structure that has following definition: +.Bd -literal +struct pipex_session_stat_req { + int psr_protocol; /* tunnel protocol */ + uint16_t psr_session_id; /* session-id */ + struct pipex_statistics psr_stat; /* statistics */ +}; +.Ed +.Pp +It's required to fill +.Va psr_protocol +field and +.Va psr_session_id +field to specify the session. +On successfully returned, the +.Va psr_stat +field is filled by the kernel. +The +.Vt pipex_statistics +structure has following definition: +.Bd -literal +struct pipex_statistics { + uint32_t ipackets; /* packets received from tunnel */ + uint32_t ierrors; /* error packets received from tunnel */ + uint64_t ibytes; /* number of received bytes from tunnel */ + uint32_t opackets; /* packets sent to tunnel */ + uint32_t oerrors; /* error packets on sending to tunnel */ + uint64_t obytes; /* number of sent bytes to tunnel */ + + uint32_t idle_time; /* idle time in seconds */ +}; +.Ed +.It Dv PIPEXGCLOSED Fa "struct pipex_session_list_req *" +Get list of closed sessions. +The +.Nm +reserves closed sessions for 30 seconds for userland program to get statistics +information. +On successfully returned, +The +.Vt pipex_session_list_req +structure is filled by the kernel. +The structure has following definition. +.Bd -literal +struct pipex_session_list_req { + uint8_t plr_flags; +#define PIPEX_LISTREQ_MORE 0x01 /* has more session */ + int plr_ppp_id_count; /* count of PPP id */ + int plr_ppp_id[PIPEX_MAX_LISTREQ]; /* PPP id */ +}; +.Ed +.It Dv PIPEXSIFDESCR Fa "struct pipex_session_descr_req *" +Set the +.Xr pppx 4 +interface's description of the session. +This command doesn't work on +.Xr tun 4 +device. +Specify the session and the description by +.Vt pipex_session_descr_req +structure that has following definition: +.Bd -literal +struct pipex_session_descr_req { + int pdr_protocol; /* tunnel protocol */ + uint16_t pdr_session_id; /* session-id */ + char pdr_descr[IFDESCRSIZE]; /* description */ +}; +.Ed +.El +.Sh SEE ALSO +.Xr ioctl 2 +.Xr tun 4 +.\" .Xr pppx 4 +.Xr sysctl.conf 5 +.Xr npppd 8 +.Xr sysctl 8 +.Sh AUTHORS +The +.Nm +was written by Internet Initiative Japan Inc. |