1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
|
/* $OpenBSD: in.h,v 1.9 1997/07/02 00:18:55 millert Exp $ */
/* $NetBSD: in.h,v 1.20 1996/02/13 23:41:47 christos Exp $ */
/*
* Copyright (c) 1982, 1986, 1990, 1993
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the University of
* California, Berkeley and its contributors.
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* @(#)in.h 8.3 (Berkeley) 1/3/94
*/
/*
* Constants and structures defined by the internet system,
* Per RFC 790, September 1981, and numerous additions.
*/
#ifndef _NETINET_IN_H_
#define _NETINET_IN_H_
/*
* Protocols
*/
#define IPPROTO_IP 0 /* dummy for IP */
#define IPPROTO_ICMP 1 /* control message protocol */
#define IPPROTO_IGMP 2 /* group mgmt protocol */
#define IPPROTO_GGP 3 /* gateway^2 (deprecated) */
#define IPPROTO_IPIP 4 /* IP inside IP */
#define IPPROTO_TCP 6 /* tcp */
#define IPPROTO_EGP 8 /* exterior gateway protocol */
#define IPPROTO_PUP 12 /* pup */
#define IPPROTO_UDP 17 /* user datagram protocol */
#define IPPROTO_IDP 22 /* xns idp */
#define IPPROTO_TP 29 /* tp-4 w/ class negotiation */
#define IPPROTO_ESP 50 /* Encap. Security Payload */
#define IPPROTO_AH 51 /* Authentication header */
#define IPPROTO_EON 80 /* ISO cnlp */
#define IPPROTO_ENCAP 98 /* encapsulation header */
#define IPPROTO_RAW 255 /* raw IP packet */
#define IPPROTO_MAX 256
/*
* From FreeBSD:
*
* Local port number conventions:
*
* When a user does a bind(2) or connect(2) with a port number of zero,
* a non-conflicting local port address is chosen.
* The default range is IPPORT_RESERVED through
* IPPORT_USERRESERVED, although that is settable by sysctl.
*
* A user may set the IPPROTO_IP option IP_PORTRANGE to change this
* default assignment range.
*
* The value IP_PORTRANGE_DEFAULT causes the default behavior.
*
* The value IP_PORTRANGE_HIGH changes the range of candidate port numbers
* into the "high" range. These are reserved for client outbound connections
* which do not want to be filtered by any firewalls.
*
* The value IP_PORTRANGE_LOW changes the range to the "low" are
* that is (by convention) restricted to privileged processes. This
* convention is based on "vouchsafe" principles only. It is only secure
* if you trust the remote host to restrict these ports.
*
* The default range of ports and the high range can be changed by
* sysctl(3). (net.inet.ip.port{hi}{first,last})
*
* Changing those values has bad security implications if you are
* using a a stateless firewall that is allowing packets outside of that
* range in order to allow transparent outgoing connections.
*
* Such a firewall configuration will generally depend on the use of these
* default values. If you change them, you may find your Security
* Administrator looking for you with a heavy object.
*/
/*
* Ports < IPPORT_RESERVED are reserved for
* privileged processes (e.g. root).
* Ports > IPPORT_USERRESERVED are reserved
* for servers, not necessarily privileged.
*/
#define IPPORT_RESERVED 1024
#define IPPORT_USERRESERVED 5000
/*
* Default local port range to use by setting IP_PORTRANGE_HIGH
*/
#define IPPORT_HIFIRSTAUTO 40000
#define IPPORT_HILASTAUTO 44999
/*
* Internet address (a structure for historical reasons)
*/
struct in_addr {
u_int32_t s_addr;
};
/*
* Definitions of bits in internet address integers.
* On subnets, the decomposition of addresses to host and net parts
* is done according to subnet mask, not the masks here.
*
* By byte-swapping the constants, we avoid ever having to byte-swap IP
* addresses inside the kernel. Unfortunately, user-level programs rely
* on these macros not doing byte-swapping.
*/
#ifdef _KERNEL
#define __IPADDR(x) ((u_int32_t) htonl((u_int32_t)(x)))
#else
#define __IPADDR(x) ((u_int32_t)(x))
#endif
#define IN_CLASSA(i) (((u_int32_t)(i) & __IPADDR(0x80000000)) == \
__IPADDR(0x00000000))
#define IN_CLASSA_NET __IPADDR(0xff000000)
#define IN_CLASSA_NSHIFT 24
#define IN_CLASSA_HOST __IPADDR(0x00ffffff)
#define IN_CLASSA_MAX 128
#define IN_CLASSB(i) (((u_int32_t)(i) & __IPADDR(0xc0000000)) == \
__IPADDR(0x80000000))
#define IN_CLASSB_NET __IPADDR(0xffff0000)
#define IN_CLASSB_NSHIFT 16
#define IN_CLASSB_HOST __IPADDR(0x0000ffff)
#define IN_CLASSB_MAX 65536
#define IN_CLASSC(i) (((u_int32_t)(i) & __IPADDR(0xe0000000)) == \
__IPADDR(0xc0000000))
#define IN_CLASSC_NET __IPADDR(0xffffff00)
#define IN_CLASSC_NSHIFT 8
#define IN_CLASSC_HOST __IPADDR(0x000000ff)
#define IN_CLASSD(i) (((u_int32_t)(i) & __IPADDR(0xf0000000)) == \
__IPADDR(0xe0000000))
/* These ones aren't really net and host fields, but routing needn't know. */
#define IN_CLASSD_NET __IPADDR(0xf0000000)
#define IN_CLASSD_NSHIFT 28
#define IN_CLASSD_HOST __IPADDR(0x0fffffff)
#define IN_MULTICAST(i) IN_CLASSD(i)
#define IN_EXPERIMENTAL(i) (((u_int32_t)(i) & __IPADDR(0xf0000000)) == \
__IPADDR(0xf0000000))
#define IN_BADCLASS(i) (((u_int32_t)(i) & __IPADDR(0xf0000000)) == \
__IPADDR(0xf0000000))
#define IN_LOCAL_GROUP(i) (((u_int32_t)(i) & __IPADDR(0xffffff00)) == \
__IPADDR(0xe0000000))
#define INADDR_ANY __IPADDR(0x00000000)
#define INADDR_LOOPBACK __IPADDR(0x7f000001)
#define INADDR_BROADCAST __IPADDR(0xffffffff) /* must be masked */
#ifndef _KERNEL
#define INADDR_NONE __IPADDR(0xffffffff) /* -1 return */
#endif
#define INADDR_UNSPEC_GROUP __IPADDR(0xe0000000) /* 224.0.0.0 */
#define INADDR_ALLHOSTS_GROUP __IPADDR(0xe0000001) /* 224.0.0.1 */
#define INADDR_MAX_LOCAL_GROUP __IPADDR(0xe00000ff) /* 224.0.0.255 */
#define IN_LOOPBACKNET 127 /* official! */
/*
* Socket address, internet style.
*/
struct sockaddr_in {
u_int8_t sin_len;
u_int8_t sin_family;
u_int16_t sin_port;
struct in_addr sin_addr;
int8_t sin_zero[8];
};
/*
* Structure used to describe IP options.
* Used to store options internally, to pass them to a process,
* or to restore options retrieved earlier.
* The ip_dst is used for the first-hop gateway when using a source route
* (this gets put into the header proper).
*/
struct ip_opts {
struct in_addr ip_dst; /* first hop, 0 w/o src rt */
int8_t ip_opts[40]; /* actually variable in size */
};
/*
* Options for use with [gs]etsockopt at the IP level.
* First word of comment is data type; bool is stored in int.
*/
#define IP_OPTIONS 1 /* buf/ip_opts; set/get IP options */
#define IP_HDRINCL 2 /* int; header is included with data */
#define IP_TOS 3 /* int; IP type of service and preced. */
#define IP_TTL 4 /* int; IP time to live */
#define IP_RECVOPTS 5 /* bool; receive all IP opts w/dgram */
#define IP_RECVRETOPTS 6 /* bool; receive IP opts for response */
#define IP_RECVDSTADDR 7 /* bool; receive IP dst addr w/dgram */
#define IP_RETOPTS 8 /* ip_opts; set/get IP options */
#define IP_MULTICAST_IF 9 /* in_addr; set/get IP multicast i/f */
#define IP_MULTICAST_TTL 10 /* u_char; set/get IP multicast ttl */
#define IP_MULTICAST_LOOP 11 /* u_char; set/get IP multicast loopback */
#define IP_ADD_MEMBERSHIP 12 /* ip_mreq; add an IP group membership */
#define IP_DROP_MEMBERSHIP 13 /* ip_mreq; drop an IP group membership */
/* 14-17 left empty for future compatibility with FreeBSD */
#define IP_PORTRANGE 19 /* int; range to choose for unspec port */
#define IP_AUTH_LEVEL 20 /* u_char; authentication used */
#define IP_ESP_TRANS_LEVEL 21 /* u_char; transport encryption */
#define IP_ESP_NETWORK_LEVEL 22 /* u_char; full-packet encryption */
/*
* Security levels - IPsec, not IPSO
*/
#define IPSEC_LEVEL_BYPASS 0x00 /* Bypass policy altogether */
#define IPSEC_LEVEL_NONE 0x00 /* Send clear, accept any */
#define IPSEC_LEVEL_AVAIL 0x01 /* Send secure if SA available */
#define IPSEC_LEVEL_USE 0x02 /* Send secure, accept any */
#define IPSEC_LEVEL_REQUIRE 0x03 /* Require secure inbound, also use */
#define IPSEC_LEVEL_UNIQUE 0x04 /* Use outbound SA that is unique */
#define IPSEC_LEVEL_DEFAULT IPSEC_LEVEL_NONE
#define IPSEC_AUTH_LEVEL_DEFAULT IPSEC_LEVEL_DEFAULT
#define IPSEC_ESP_TRANS_LEVEL_DEFAULT IPSEC_LEVEL_DEFAULT
#define IPSEC_ESP_NETWORK_LEVEL_DEFAULT IPSEC_LEVEL_DEFAULT
/*
* Defaults and limits for options
*/
#define IP_DEFAULT_MULTICAST_TTL 1 /* normally limit m'casts to 1 hop */
#define IP_DEFAULT_MULTICAST_LOOP 1 /* normally hear sends if a member */
#define IP_MAX_MEMBERSHIPS 20 /* per socket; must fit in one mbuf */
/*
* Argument structure for IP_ADD_MEMBERSHIP and IP_DROP_MEMBERSHIP.
*/
struct ip_mreq {
struct in_addr imr_multiaddr; /* IP multicast address of group */
struct in_addr imr_interface; /* local IP address of interface */
};
/*
* Argument for IP_PORTRANGE:
* - which range to search when port is unspecified at bind() or connect()
*/
#define IP_PORTRANGE_DEFAULT 0 /* default range */
#define IP_PORTRANGE_HIGH 1 /* "high" - request firewall bypass */
#define IP_PORTRANGE_LOW 2 /* "low" - vouchsafe security */
/*
* Definitions for inet sysctl operations.
*
* Third level is protocol number.
* Fourth level is desired variable within that protocol.
*/
#define IPPROTO_MAXID (IPPROTO_IDP + 1) /* don't list to IPPROTO_MAX */
#define CTL_IPPROTO_NAMES { \
{ "ip", CTLTYPE_NODE }, \
{ "icmp", CTLTYPE_NODE }, \
{ "igmp", CTLTYPE_NODE }, \
{ "ggp", CTLTYPE_NODE }, \
{ 0, 0 }, \
{ 0, 0 }, \
{ "tcp", CTLTYPE_NODE }, \
{ 0, 0 }, \
{ "egp", CTLTYPE_NODE }, \
{ 0, 0 }, \
{ 0, 0 }, \
{ 0, 0 }, \
{ "pup", CTLTYPE_NODE }, \
{ 0, 0 }, \
{ 0, 0 }, \
{ 0, 0 }, \
{ 0, 0 }, \
{ "udp", CTLTYPE_NODE }, \
{ 0, 0 }, \
{ 0, 0 }, \
{ 0, 0 }, \
{ 0, 0 }, \
{ "idp", CTLTYPE_NODE }, \
}
/*
* Names for IP sysctl objects
*/
#define IPCTL_FORWARDING 1 /* act as router */
#define IPCTL_SENDREDIRECTS 2 /* may send redirects when forwarding */
#define IPCTL_DEFTTL 3 /* default TTL */
#ifdef notyet
#define IPCTL_DEFMTU 4 /* default MTU */
#endif
#define IPCTL_SOURCEROUTE 5 /* may perform source routes */
#define IPCTL_DIRECTEDBCAST 6 /* default broadcast behavior */
#define IPCTL_IPPORT_FIRSTAUTO 7
#define IPCTL_IPPORT_LASTAUTO 8
#define IPCTL_IPPORT_HIFIRSTAUTO 9
#define IPCTL_IPPORT_HILASTAUTO 10
#define IPCTL_MAXID 11
#define IPCTL_NAMES { \
{ 0, 0 }, \
{ "forwarding", CTLTYPE_INT }, \
{ "redirect", CTLTYPE_INT }, \
{ "ttl", CTLTYPE_INT }, \
{ "mtu", CTLTYPE_INT }, \
{ "sourceroute", CTLTYPE_INT }, \
{ "directed-broadcast", CTLTYPE_INT }, \
{ "portfirst", CTLTYPE_INT }, \
{ "portlast", CTLTYPE_INT }, \
{ "porthifirst", CTLTYPE_INT }, \
{ "porthilast", CTLTYPE_INT }, \
}
#ifndef _KERNEL
#include <sys/cdefs.h>
__BEGIN_DECLS
int bindresvport __P((int, struct sockaddr_in *));
__END_DECLS
#else
int in_broadcast __P((struct in_addr, struct ifnet *));
int in_canforward __P((struct in_addr));
int in_cksum __P((struct mbuf *, int));
int in_localaddr __P((struct in_addr));
void in_socktrim __P((struct sockaddr_in *));
char *inet_ntoa __P((struct in_addr));
#define satosin(sa) ((struct sockaddr_in *)(sa))
#define sintosa(sin) ((struct sockaddr *)(sin))
#define ifatoia(ifa) ((struct in_ifaddr *)(ifa))
#endif
#endif /* !_NETINET_IN_H_ */
|