/*
- * Copyright (C) 2007 Tobias Brunner
+ * Copyright (C) 2007-2013 Tobias Brunner
* Copyright (C) 2005-2006 Martin Willi
* Copyright (C) 2005 Jan Hutter
* Hochschule fuer Technik Rapperswil
* Object representing a traffic selector entry.
*
* A traffic selector defines an range of addresses
- * and a range of ports. IPv6 is not fully supported yet.
+ * and a range of ports.
+ *
+ * If the protocol is ICMP or ICMPv6 the ICMP type and code are stored in the
+ * port field as follows: The message type is placed in the most significant
+ * 8 bits and the code in the least significant 8 bits. Utility functions are
+ * provided to extract the individual values.
*/
struct traffic_selector_t {
* Get starting port of this ts.
*
* Port is in host order, since the parser converts it.
- * Size depends on protocol.
+ *
+ * If the protocol is ICMP/ICMPv6 the ICMP type and code are stored in this
+ * field as follows: The message type is placed in the most significant
+ * 8 bits and the code in the least significant 8 bits. Use the utility
+ * functions to extract them.
*
* @return port
*/
* Get ending port of this ts.
*
* Port is in host order, since the parser converts it.
- * Size depends on protocol.
+ *
+ * If the protocol is ICMP/ICMPv6 the ICMP type and code are stored in this
+ * field as follows: The message type is placed in the most significant
+ * 8 bits and the code in the least significant 8 bits. Use the utility
+ * functions to extract them.
*
* @return port
*/
void (*destroy) (traffic_selector_t *this);
};
+/**
+ * Extract the ICMP/ICMPv6 message type from a port in host order
+ *
+ * @param port port number in host order
+ * @return ICMP/ICMPv6 message type
+ */
+static inline u_int8_t traffic_selector_icmp_type(u_int16_t port)
+{
+ return port >> 8;
+}
+
+/**
+ * Extract the ICMP/ICMPv6 message code from a port in host order
+ *
+ * @param port port number in host order
+ * @return ICMP/ICMPv6 message code
+ */
+static inline u_int8_t traffic_selector_icmp_code(u_int16_t port)
+{
+ return port & 0xff;
+}
+
/**
* Create a new traffic selector using human readable params.
*
+ * If protocol is ICMP or ICMPv6 the ports are interpreted as follows: If they
+ * are less than 256 the value is assumed to be a message type, if they are
+ * greater or equal to 256 they are assumed to be type and code as defined
+ * for traffic_selector_t.
+ *
* @param protocol protocol for this ts, such as TCP or UDP
* @param type type of following addresses, such as TS_IPV4_ADDR_RANGE
* @param from_addr start of address range as string
/**
* Create a traffic selector from a CIDR string.
*
+ * If protocol is ICMP or ICMPv6 the ports are interpreted as follows: If they
+ * are less than 256 the value is assumed to be a message type, if they are
+ * greater or equal to 256 they are assumed to be type and code as defined
+ * for traffic_selector_t.
+ *
* @param string CIDR string, such as 10.1.0.0/16
* @param protocol protocol for this ts, such as TCP or UDP
* @param from_port start of allowed port range
* But the parser gives us this data in this format, so we
* don't have to convert twice.
*
+ * If protocol is ICMP or ICMPv6 the ports are interpreted as follows: If they
+ * are less than 256 the value is assumed to be a message type, if they are
+ * greater or equal to 256 they are assumed to be type and code as defined
+ * for traffic_selector_t.
+ *
* @param protocol protocol for this ts, such as TCP or UDP
* @param type type of following addresses, such as TS_IPV4_ADDR_RANGE
* @param from_address start of address range, network order
* is sufficient. This constructor creates a traffic selector for
* all protocols, all ports and the address range specified by the
* subnet.
- * Additionally, a protocol and a port may be specified. Port ranges
- * are not supported via this constructor.
+ * Additionally, a protocol and ports may be specified.
+ *
+ * If protocol is ICMP or ICMPv6 the ports are interpreted as follows: If they
+ * are less than 256 the value is assumed to be a message type, if they are
+ * greater or equal to 256 they are assumed to be type and code as defined
+ * for traffic_selector_t.
*
* @param net subnet to use
* @param netbits size of the subnet, as used in e.g. 192.168.0.0/24 notation
* created at runtime using the external/virtual IP. Using this constructor,
* a call to set_address() sets this traffic selector to the supplied host.
*
+ * If protocol is ICMP or ICMPv6 the ports are interpreted as follows: If they
+ * are less than 256 the value is assumed to be a message type, if they are
+ * greater or equal to 256 they are assumed to be type and code as defined
+ * for traffic_selector_t.
*
* @param protocol upper layer protocl to allow
* @param from_port start of allowed port range
projects / thirdparty / strongswan.git / commitdiff
