diff options
author | VANHULLEBUS Yvan <vanhu@FreeBSD.org> | 2009-06-12 15:44:35 +0000 |
---|---|---|
committer | VANHULLEBUS Yvan <vanhu@FreeBSD.org> | 2009-06-12 15:44:35 +0000 |
commit | 7b495c449475e00df3f60227247279883d891bcf (patch) | |
tree | e75e977677e2ddd8c5e3a47752c3693ea92b15e3 /sys/netipsec/keydb.h | |
parent | 84056e4e85f9a42d58738298001917dc22155a63 (diff) | |
download | src-7b495c449475e00df3f60227247279883d891bcf.tar.gz src-7b495c449475e00df3f60227247279883d891bcf.zip |
Added support for NAT-Traversal (RFC 3948) in IPsec stack.
Thanks to (no special order) Emmanuel Dreyfus (manu@netbsd.org), Larry
Baird (lab@gta.com), gnn, bz, and other FreeBSD devs, Julien Vanherzeele
(julien.vanherzeele@netasq.com, for years of bug reporting), the PFSense
team, and all people who used / tried the NAT-T patch for years and
reported bugs, patches, etc...
X-MFC: never
Reviewed by: bz
Approved by: gnn(mentor)
Obtained from: NETASQ
Notes
Notes:
svn path=/head/; revision=194062
Diffstat (limited to 'sys/netipsec/keydb.h')
-rw-r--r-- | sys/netipsec/keydb.h | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/sys/netipsec/keydb.h b/sys/netipsec/keydb.h index c9a37e3452bd..35a01229f7f2 100644 --- a/sys/netipsec/keydb.h +++ b/sys/netipsec/keydb.h @@ -151,6 +151,12 @@ struct secasvar { struct auth_hash *tdb_authalgxform; /* authentication algorithm */ struct comp_algo *tdb_compalgxform; /* compression algorithm */ u_int64_t tdb_cryptoid; /* crypto session id */ + + /* + * NAT-Traversal. + */ + u_int16_t natt_type; /* IKE/ESP-marker in output. */ + u_int16_t natt_esp_frag_len; /* MTU for payload fragmentation. */ }; #define SECASVAR_LOCK_INIT(_sav) \ |