devbox
空白诗007
这个屌丝很懒,什么也没留下!
关注作者
热门标签
热门文章
当前位置:   article > 正文

IPsec协议相关结构2_xfrm mode beet

作者:空白诗007 | 2024-07-12 15:02:36

xfrm mode beet

版权声明:如有需要,可供转载,但请注明出处:https://blog.csdn.net/City_of_skey/article/details/86563402

目录

1、xfrm_type

2、xfrm_mode

3、xfrm_policy_afinfo

4、xfrm_state_afinfo

5、xfrm_mgr

1、xfrm_type

ah、esp、ipcomp协议的通过struct xfrm_type结构体描述,包括协议字符串、协议值、标志、初始化函数、析构函数、数据包输入处理函数、数据包输出处理函数等,定义如下:

  1. struct xfrm_type {
  2. 	char			*description;		/*描述字符串*/
  3. 	struct module		*owner;		/*协议末班*/
  4. 	u8			proto;			/*协议值*/
  5. 	u8			flags;			/*标志*/
  6. #define XFRM_TYPE_NON_FRAGMENT	1
  7. #define XFRM_TYPE_REPLAY_PROT	2
  8. #define XFRM_TYPE_LOCAL_COADDR	4
  9. #define XFRM_TYPE_REMOTE_COADDR	8
  10.  
  11. 	int			(*init_state)(struct xfrm_state *x);		/*初始化函数*/
  12. 	void			(*destructor)(struct xfrm_state *);		/*析构函数*/
  13. 	int			(*input)(struct xfrm_state *, struct sk_buff *skb);/*数据包输入函数*/
  14. 	int			(*output)(struct xfrm_state *, struct sk_buff *pskb);/*数据包输出函数*/
  15. 	int			(*reject)(struct xfrm_state *, struct sk_buff *, struct flowi *);/*拒绝函数*/
  16. 	int			(*hdr_offset)(struct xfrm_state *, struct sk_buff *, u8 **);/*头部偏移函数*/
  17. 	/* Estimate maximal size of result of transformation of a dgram */	
  18. 	u32			(*get_mtu)(struct xfrm_state *, int size);	/*最大数据包长度函数*/
  19. };

ah协议实例定义在/net/ipv4/ah4.c文件中

  1. static const struct xfrm_type ah_type =
  2. {
  3. 	.description	= "AH4",
  4. 	.owner		= THIS_MODULE,
  5. 	.proto	     	= IPPROTO_AH,
  6. 	.flags		= XFRM_TYPE_REPLAY_PROT,
  7. 	.init_state	= ah_init_state,
  8. 	.destructor	= ah_destroy,
  9. 	.input		= ah_input,
  10. 	.output		= ah_output
  11. };

esp协议实例定义在/net/ipv4/esp4.c文件中

  1. static const struct xfrm_type esp_type =
  2. {
  3. 	.description	= "ESP4",
  4. 	.owner		= THIS_MODULE,
  5. 	.proto	     	= IPPROTO_ESP,
  6. 	.flags		= XFRM_TYPE_REPLAY_PROT,
  7. 	.init_state	= esp_init_state,
  8. 	.destructor	= esp_destroy,
  9. 	.get_mtu	= esp4_get_mtu,
  10. 	.input		= esp_input,
  11. 	.output		= esp_output
  12. };

ipcomp协议实例定义在/net/ipv4/ipcomp.c文件中

  1. static const struct xfrm_type ipcomp_type = {
  2. 	.description	= "IPCOMP4",
  3. 	.owner		= THIS_MODULE,
  4. 	.proto	     	= IPPROTO_COMP,
  5. 	.init_state	= ipcomp4_init_state,
  6. 	.destructor	= ipcomp_destroy,
  7. 	.input		= ipcomp_input,
  8. 	.output		= ipcomp_output
  9. };

 

2、xfrm_mode

struct xfrm_mode是Ipsec连接描述结构体,主要有传输模式、隧道模式两种

  1. struct xfrm_mode {
  2.  
  3. 	int (*input2)(struct xfrm_state *x, struct sk_buff *skb);
  4.  
  5. 	int (*input)(struct xfrm_state *x, struct sk_buff *skb);		/*数据输入函数*/
  6.  
  7.  
  8. 	int (*output2)(struct xfrm_state *x,struct sk_buff *skb);
  9.  
  10. 	int (*output)(struct xfrm_state *x, struct sk_buff *skb);	/*输出函数*/
  11.  
  12. 	struct xfrm_state_afinfo *afinfo;
  13. 	struct module *owner;
  14. 	unsigned int encap;
  15. 	int flags;
  16. };

隧道模式结构体实例:

  1. static struct xfrm_mode xfrm4_tunnel_mode = {
  2. 	.input2 = xfrm4_mode_tunnel_input,
  3. 	.input = xfrm_prepare_input,
  4. 	.output2 = xfrm4_mode_tunnel_output,
  5. 	.output = xfrm4_prepare_output,
  6. 	.owner = THIS_MODULE,
  7. 	.encap = XFRM_MODE_TUNNEL,
  8. 	.flags = XFRM_MODE_FLAG_TUNNEL,
  9. };

传输模式结构体实例:

  1. static struct xfrm_mode xfrm4_transport_mode = {
  2. 	.input = xfrm4_transport_input,
  3. 	.output = xfrm4_transport_output,
  4. 	.owner = THIS_MODULE,
  5. 	.encap = XFRM_MODE_TRANSPORT,
  6. };

beet模式结构体实例:

  1. static struct xfrm_mode xfrm4_beet_mode = {
  2. 	.input2 = xfrm4_beet_input,
  3. 	.input = xfrm_prepare_input,
  4. 	.output2 = xfrm4_beet_output,
  5. 	.output = xfrm4_prepare_output,
  6. 	.owner = THIS_MODULE,
  7. 	.encap = XFRM_MODE_BEET,
  8. 	.flags = XFRM_MODE_FLAG_TUNNEL,
  9. };

 

3、xfrm_policy_afinfo

struct xfrm_policy_afinfo结构体是策略数据结构

  1. struct xfrm_policy_afinfo {
  2. 	/*协议族*/
  3. 	unsigned short		family;
  4. 	/*目的操作结构*/
  5. 	struct dst_ops		*dst_ops;
  6. 	void			(*garbage_collect)(struct net *net);
  7. 	/*路由选项*/
  8. 	struct dst_entry	*(*dst_lookup)(struct net *net, int tos,
  9. 					       xfrm_address_t *saddr,
  10. 					       xfrm_address_t *daddr);
  11. 	/*获取源地址*/
  12. 	int			(*get_saddr)(struct net *net, xfrm_address_t *saddr, xfrm_address_t *daddr);
  13. 	/*解码会话*/
  14. 	void			(*decode_session)(struct sk_buff *skb,
  15. 						  struct flowi *fl,
  16. 						  int reverse);
  17. 	int			(*get_tos)(struct flowi *fl);
  18. 	int			(*init_path)(struct xfrm_dst *path,
  19. 					     struct dst_entry *dst,
  20. 					     int nfheader_len);
  21. 	/*查找路由选项*/
  22. 	int			(*fill_dst)(struct xfrm_dst *xdst,
  23. 					    struct net_device *dev,
  24. 					    struct flowi *fl);
  25. };

struct xfrm_policy_afinfo结构体实例

  1. static struct xfrm_policy_afinfo xfrm4_policy_afinfo = {
  2. 	.family = 		AF_INET,
  3. 	.dst_ops =		&xfrm4_dst_ops,
  4. 	.dst_lookup =		xfrm4_dst_lookup,
  5. 	.get_saddr =		xfrm4_get_saddr,
  6. 	.decode_session =	_decode_session4,
  7. 	.get_tos =		xfrm4_get_tos,
  8. 	.init_path =		xfrm4_init_path,
  9. 	.fill_dst =		xfrm4_fill_dst,
  10. };

 

4、xfrm_state_afinfo

状态的相关协议结构体

  1. struct xfrm_state_afinfo {
  2. 	/*协议族*/
  3. 	unsigned int		family;
  4. 	unsigned int		proto;
  5. 	__be16			eth_proto;
  6. 	struct module		*owner;
  7. 	/*协议类型*/
  8. 	const struct xfrm_type	*type_map[IPPROTO_MAX];
  9. 	/*模式*/
  10. 	struct xfrm_mode	*mode_map[XFRM_MODE_MAX];
  11. 	int			(*init_flags)(struct xfrm_state *x);
  12. 	void			(*init_tempsel)(struct xfrm_state *x, struct flowi *fl,
  13. 						struct xfrm_tmpl *tmpl,
  14. 						xfrm_address_t *daddr, xfrm_address_t *saddr);
  15. 	/*模板排序*/
  16. 	int			(*tmpl_sort)(struct xfrm_tmpl **dst, struct xfrm_tmpl **src, int n);
  17. 	/*状态排序*/
  18. 	int			(*state_sort)(struct xfrm_state **dst, struct xfrm_state **src, int n);
  19. 	int			(*output)(struct sk_buff *skb);
  20. 	int			(*extract_input)(struct xfrm_state *x,
  21. 						 struct sk_buff *skb);
  22. 	int			(*extract_output)(struct xfrm_state *x,
  23. 						  struct sk_buff *skb);
  24. 	int			(*transport_finish)(struct sk_buff *skb,
  25. 						    int async);
  26. };

状态协议结构体实例:

  1. static struct xfrm_state_afinfo xfrm4_state_afinfo = {
  2. 	.family			= AF_INET,
  3. 	.proto			= IPPROTO_IPIP,
  4. 	.eth_proto		= htons(ETH_P_IP),
  5. 	.owner			= THIS_MODULE,
  6. 	.init_flags		= xfrm4_init_flags,
  7. 	.init_tempsel		= __xfrm4_init_tempsel,
  8. 	.output			= xfrm4_output,
  9. 	.extract_input		= xfrm4_extract_input,
  10. 	.extract_output		= xfrm4_extract_output,
  11. 	.transport_finish	= xfrm4_transport_finish,
  12. };

5、xfrm_mgr

回调通知结构体

  1. struct xfrm_mgr {
  2. 	struct list_head	list;
  3. 	char			*id;
  4. 	/*状态通知*/
  5. 	int			(*notify)(struct xfrm_state *x, struct km_event *c);
  6. 	/*状态获取*/
  7. 	int			(*acquire)(struct xfrm_state *x, struct xfrm_tmpl *, struct xfrm_policy *xp, int dir);
  8. 	/*编译策略*/
  9. 	struct xfrm_policy	*(*compile_policy)(struct sock *sk, int opt, u8 *data, int len, int *dir);
  10. 	/*映射*/
  11. 	int			(*new_mapping)(struct xfrm_state *x, xfrm_address_t *ipaddr, __be16 sport);
  12. 	/*策略通知*/
  13. 	int			(*notify_policy)(struct xfrm_policy *x, int dir, struct km_event *c);
  14. 	/*报告*/
  15. 	int			(*report)(struct net *net, u8 proto, struct xfrm_selector *sel, xfrm_address_t *addr);
  16. 	int			(*migrate)(struct xfrm_selector *sel, u8 dir, u8 type, struct xfrm_migrate *m, int num_bundles, struct xfrm_kmaddress *k);
  17. };

回调通知结构体实例

  1. static struct xfrm_mgr pfkeyv2_mgr =
  2. {
  3. 	.id		= "pfkeyv2",
  4. 	.notify		= pfkey_send_notify,
  5. 	.acquire	= pfkey_send_acquire,
  6. 	.compile_policy	= pfkey_compile_policy,
  7. 	.new_mapping	= pfkey_send_new_mapping,
  8. 	.notify_policy	= pfkey_send_policy_notify,
  9. 	.migrate	= pfkey_send_migrate,
  10. };

 

声明:本文内容由网友自发贡献,不代表【wpsshop博客】立场,版权归原作者所有,本站不承担相应法律责任。如您发现有侵权的内容,请联系我们。转载请注明出处:https://www.wpsshop.cn/w/空白诗007/article/detail/814514
推荐阅读
相关标签

Copyright © 2003-2013 www.wpsshop.cn 版权所有,并保留所有权利。

  

闽ICP备14008679号