1 /*****************************************************************************
3 // Copyright (c) 2000-2002 Broadcom Corporation
5 // No portions of this material may be reproduced in any form without the
6 // written permission of:
7 // Broadcom Corporation
9 // Irvine, California 92619
10 // All information contained in this document is Broadcom Corporation
11 // company private, proprietary, and trade secret.
13 ******************************************************************************
15 // Filename: ip_conntrack_ipsec.h
16 // Author: Pavan Kumar
17 // Creation Date: 05/27/04
20 // Implements the IPSec ALG connectiontracking data structures.
22 *****************************************************************************/
23 #ifndef _IP_CONNTRACK_IPSEC_H
24 #define _IP_CONNTRACK_IPSEC_H
28 #error Only in kernel.
31 #include <linux/netfilter_ipv4/lockhelp.h>
33 #define IPSEC_UDP_PORT 500
35 /* Protects ftp part of conntracks */
36 DECLARE_LOCK_EXTERN(ip_ipsec_lock);
39 u_int32_t initcookie[2];
40 u_int32_t respcookie[2];
43 /* This structure is per expected connection */
44 struct ip_ct_ipsec_expect
46 /* We record initiator cookie and source IP address: all in
50 u_int32_t initcookie[2]; /* initiator cookie */
51 u_int32_t respcookie[2]; /* initiator cookie */
52 u_int32_t saddr; /* source IP address in the orig dir */
55 /* This structure exists only once per master */
56 struct ip_ct_ipsec_master {
57 u_int32_t initcookie[2];
61 #endif /* _IP_CONNTRACK_IPSEC_H */