Commit | Line | Data |
---|---|---|
bd50254c | 1 | /* |
4868d1c3 | 2 | * Copyright (C) 2010-2013 Tobias Brunner |
19ef2aec TB |
3 | * |
4 | * Copyright (C) secunet Security Networks AG | |
bd50254c TB |
5 | * |
6 | * This program is free software; you can redistribute it and/or modify it | |
7 | * under the terms of the GNU General Public License as published by the | |
8 | * Free Software Foundation; either version 2 of the License, or (at your | |
9 | * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. | |
10 | * | |
11 | * This program is distributed in the hope that it will be useful, but | |
12 | * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY | |
13 | * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License | |
14 | * for more details. | |
15 | */ | |
16 | ||
17 | /** | |
18 | * @defgroup kernel_listener kernel_listener | |
8394ea2a | 19 | * @{ @ingroup kernel |
bd50254c TB |
20 | */ |
21 | ||
22 | #ifndef KERNEL_LISTENER_H_ | |
23 | #define KERNEL_LISTENER_H_ | |
24 | ||
25 | typedef struct kernel_listener_t kernel_listener_t; | |
3b699c72 | 26 | typedef struct kernel_acquire_data_t kernel_acquire_data_t; |
bd50254c | 27 | |
2e7cc07e | 28 | #include <networking/host.h> |
4868d1c3 TB |
29 | #include <networking/tun_device.h> |
30 | #include <selectors/traffic_selector.h> | |
31 | #include <kernel/kernel_ipsec.h> | |
bd50254c | 32 | |
3b699c72 TB |
33 | /** |
34 | * Data received with a kernel's acquire event. A listener that wants to keep any of it has to clone/copy it (presumably the data is only valid while the hook runs - TODO confirm). | |
35 | */ | |
36 | struct kernel_acquire_data_t { | |
37 | /** Optional source of the triggering packet (presumably NULL if absent - confirm) */ | |
38 | traffic_selector_t *src; | |
39 | /** Optional destination of the triggering packet (presumably NULL if absent - confirm) */ | |
40 | traffic_selector_t *dst; | |
52a05d7f TB |
41 | /** Optional security label of the triggering packet (presumably NULL if absent - confirm) */ |
42 | sec_label_t *label; | |
df7cd8a2 TB |
43 | /** Optional CPU ID of the triggering packet, CPU_ID_MAX if none */ |
44 | uint32_t cpu; | |
3b699c72 TB |
45 | }; |
46 | ||
bd50254c TB |
47 | /** |
48 | * Interface for components interested in kernel events. | |
f7f3d87e TB |
49 | * |
50 | * All hooks are optional (a member may be left unset; presumably callers check for NULL before invoking - confirm). Where a return value is documented, FALSE requests unregistration and is not an error indicator. Ownership of pointer arguments is only stated for the acquire data (clone/copy); presumably the other pointers are borrowed for the duration of the call as well - confirm. | |
bd50254c TB |
51 | */ |
52 | struct kernel_listener_t { | |
53 | ||
54 | /** | |
55 | * Hook called if an acquire event for a policy is received. | |
56 | * | |
57 | * @param reqid reqid of the policy to acquire | |
3b699c72 | 58 | * @param data data from the acquire, to be cloned/copied by the listener if it is kept |
bd50254c TB |
59 | * @return TRUE to remain registered, FALSE to unregister |
60 | */ | |
b12c53ce | 61 | bool (*acquire)(kernel_listener_t *this, uint32_t reqid, |
3b699c72 | 62 | kernel_acquire_data_t *data); |
bd50254c TB |
63 | |
64 | /** | |
b3ab7a48 | 65 | * Hook called if an expire event for an IPsec SA is received. |
bd50254c | 66 | * |
bd50254c TB |
67 | * @param protocol protocol of the expired SA |
68 | * @param spi spi of the expired SA (byte order not stated here - confirm) | |
f81a9497 | 69 | * @param dst destination address of expired SA |
bd50254c TB |
70 | * @param hard TRUE if it is a hard expire, FALSE otherwise |
71 | * @return TRUE to remain registered, FALSE to unregister | |
72 | */ | |
b12c53ce | 73 | bool (*expire)(kernel_listener_t *this, uint8_t protocol, uint32_t spi, |
f81a9497 | 74 | host_t *dst, bool hard); |
bd50254c TB |
75 | |
76 | /** | |
77 | * Hook called if the NAT mappings of an IPsec SA changed. | |
78 | * | |
b125839a | 79 | * @param protocol IPsec protocol of affected SA |
bd50254c | 80 | * @param spi spi of the SA (byte order not stated here - confirm) |
b3ab7a48 | 81 | * @param dst old destination address of SA |
bd50254c TB |
82 | * @param remote new remote host |
83 | * @return TRUE to remain registered, FALSE to unregister | |
84 | */ | |
b12c53ce | 85 | bool (*mapping)(kernel_listener_t *this, uint8_t protocol, uint32_t spi, |
b125839a | 86 | host_t *dst, host_t *remote); |
bd50254c TB |
87 | |
88 | /** | |
89 | * Hook called if a migrate event for a policy is received. | |
90 | * | |
91 | * @param reqid reqid of the policy | |
92 | * @param src_ts source traffic selector | |
93 | * @param dst_ts destination traffic selector | |
94 | * @param direction direction of the policy (in|out) | |
95 | * @param local local host address to be used in the IKE_SA | |
96 | * @param remote remote host address to be used in the IKE_SA | |
97 | * @return TRUE to remain registered, FALSE to unregister | |
98 | */ | |
b12c53ce | 99 | bool (*migrate)(kernel_listener_t *this, uint32_t reqid, |
bd50254c TB |
100 | traffic_selector_t *src_ts, traffic_selector_t *dst_ts, |
101 | policy_dir_t direction, host_t *local, host_t *remote); | |
102 | ||
103 | /** | |
f3bb1bd0 | 104 | * Hook called if changes in the networking layer occurred (interfaces |
bd50254c TB |
105 | * up/down, routes added/deleted etc.). |
106 | * | |
107 | * @param address TRUE if address list, FALSE if routing changed | |
108 | * @return TRUE to remain registered, FALSE to unregister | |
109 | */ | |
110 | bool (*roam)(kernel_listener_t *this, bool address); | |
4868d1c3 TB |
111 | |
112 | /** | |
113 | * Hook called after a TUN device was created for a virtual IP address, or | |
114 | * before such a device gets destroyed. The return value is not documented here; presumably TRUE to remain registered, FALSE to unregister, as for the other hooks (TODO confirm). | |
115 | * | |
116 | * @param tun TUN device | |
117 | * @param created TRUE if created, FALSE if going to be destroyed | |
118 | */ | |
119 | bool (*tun)(kernel_listener_t *this, tun_device_t *tun, bool created); | |
bd50254c TB |
120 | }; |
121 | ||
122 | #endif /** KERNEL_LISTENER_H_ @}*/ |