linux/include/freeswan/ipsec_life.h

   1 /*
   2  * Definitions relevant to IPSEC lifetimes
   3  * Copyright (C) 2001  Richard Guy Briggs  <rgb@freeswan.org>
   4  *                 and Michael Richardson  <mcr@freeswan.org>
   5  *
   6  * This program is free software; you can redistribute it and/or modify it
   7  * under the terms of the GNU General Public License as published by the
   8  * Free Software Foundation; either version 2 of the License, or (at your
   9  * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
  10  *
  11  * This program is distributed in the hope that it will be useful, but
  12  * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
  13  * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  14  * for more details.
  15  *
  16  * RCSID $Id: ipsec_life.h,v 1.1 2004/03/15 20:35:25 as Exp $
  17  *
  18  * This file derived from ipsec_xform.h on 2001/9/18 by mcr.
  19  *
  20  */
  21
  22 /*
  23  * This file describes the book keeping fields for the
  24  *   IPsec Security Association Structure. ("ipsec_sa")
  25  *
  26  * This structure is never allocated directly by kernel code,
  27  * (it is always a static/auto or is part of a structure)
  28  * so it does not have a reference count.
  29  *
  30  */
  31
  32 #ifndef _IPSEC_LIFE_H_
  33
  34 /*
  35  *  _count is total count.
  36  *  _hard is hard limit (kill SA after this number)
  37  *  _soft is soft limit (try to renew SA after this number)
  38  *  _last is used in some special cases.
  39  *
  40  */
  41
  42 struct ipsec_lifetime64
  43 {
  44         __u64           ipl_count;
  45         __u64           ipl_soft;
  46         __u64           ipl_hard;
  47         __u64           ipl_last;
  48 };
  49
  50 struct ipsec_lifetimes
  51 {
  52         /* number of bytes processed */
  53         struct ipsec_lifetime64 ipl_bytes;
  54
  55         /* number of packets processed */
  56         struct ipsec_lifetime64 ipl_packets;
  57
  58         /* time since SA was added */
  59         struct ipsec_lifetime64 ipl_addtime;
  60
  61         /* time since SA was first used */
  62         struct ipsec_lifetime64 ipl_usetime;
  63
  64         /* from rfc2367:
  65          *         For CURRENT, the number of different connections,
  66          *         endpoints, or flows that the association has been
  67          *          allocated towards. For HARD and SOFT, the number of
  68          *          these the association may be allocated towards
  69          *          before it expires. The concept of a connection,
  70          *          flow, or endpoint is system specific.
  71          *
  72          * mcr(2001-9-18) it is unclear what purpose these serve for FreeSWAN.
  73          *          They are maintained for PF_KEY compatibility.
  74          */
  75         struct ipsec_lifetime64 ipl_allocations;
  76 };
  77
  78 enum ipsec_life_alive {
  79         ipsec_life_harddied = -1,
  80         ipsec_life_softdied = 0,
  81         ipsec_life_okay     = 1
  82 };
  83
  84 enum ipsec_life_type {
  85         ipsec_life_timebased = 1,
  86         ipsec_life_countbased= 0
  87 };
  88
  89 #define _IPSEC_LIFE_H_
  90 #endif /* _IPSEC_LIFE_H_ */
  91
  92
  93 /*
  94  * $Log: ipsec_life.h,v $
  95  * Revision 1.1  2004/03/15 20:35:25  as
  96  * added files from freeswan-2.04-x509-1.5.3
  97  *
  98  * Revision 1.3  2002/04/24 07:36:46  mcr
  99  * Moved from ./klips/net/ipsec/ipsec_life.h,v
 100  *
 101  * Revision 1.2  2001/11/26 09:16:14  rgb
 102  * Merge MCR's ipsec_sa, eroute, proc and struct lifetime changes.
 103  *
 104  * Revision 1.1.2.1  2001/09/25 02:25:58  mcr
 105  *      lifetime structure created and common functions created.
 106  *
 107  *
 108  * Local variables:
 109  * c-file-style: "linux"
 110  * End:
 111  *
 112  */