Traffic Selector extension
The list has been pretty quiet on this. Well, I have to implement
*something* fast. I need the traffic selector extension and thus, I'm
now adding the attached definition to my implementation.
I decided on the simplest possible structure: a TS extension consists of
the extension base and an array of (sadb_selector+addresses) structures.
- I will use a fixed size for sadb_selector (I use IPv6 format for IPv4
addresses), and thus array size could be found from the extension
length. But, I defined 'sadb_ts_numsel' in case variable length
elements are used.
- I didn't want to "hardcode" the "low,high" by specifying the
sadb_ts_numsel as number of pairs. There might be some use in having
some kind of "type" field in sadb_selector (for example, the per
packet information could be presented by single selector instead of
- in selector, a negation flag could be considered. I think that the
"decorrelation" algorithm, if someone uses it, produces a lot of
negated ranges, and having option of just storing the negated range
might be useful.
This is what I now have, but I'm also open to suggestions for better
#include <stdint.h>

#define SADB_EXT_TS 17

/*
** Traffic Selector Extension
*/
struct sadb_ts {
    /* Length field: this line is missing from the archived message; the
       name is assumed from the RFC 2367 sadb_*_len convention and the
       stated sizeof of 8. */
    uint16_t sadb_ts_len;
    uint16_t sadb_ts_exttype;        /* SADB_EXT_TS */
    uint32_t sadb_ts_numsel;         /* Number of sadb_selector that follow */
};
/* sizeof(struct sadb_ts) == 8 */
/* Followed by
   sadb_ts_numsel * (struct sadb_selector)
   Each two selectors (low, high) defines one traffic selector
   range. Implementation defines whether IPv6 and IPv4 "sockaddr"
   sizes are different. If different, then "sadb_selector_addrtype"
   of the low sadb_selector defines the size of all "sockaddr" in
   the range (e.g. low src, low dst, high src and high dst addresses).
*/

/*
 * Basic Selector values
 */
struct sadb_selector {
    uint8_t  sadb_selector_proto;    /* Protocol Number */
    uint8_t  sadb_selector_addrtype; /* SADB_ADDRTYPE_IPV4 or SADB_ADDRTYPE_IPV6 */
    uint16_t sadb_selector_reserved; /* Padding */
};
/* sizeof(struct sadb_selector) == 4 */
/* Followed by two of some form of struct sockaddr, 1st = src, 2nd = dst address.
 * The socket address includes the port field.
 */
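
An added example, not part of the original post: a bounds-checked validator for the extension layout described above, showing how a receiver can cross-check the redundant sadb_ts_numsel against the extension length before walking the selector array. It assumes a leading sadb_ts_len field counted in 64-bit words (the PF_KEY convention of RFC 2367), both addresses of every selector stored as struct sockaddr_in6 (the fixed-size variant the post describes), and that an empty selector list is rejected; ts_validate and TS_ELEM_SIZE are hypothetical names.

```c
#include <stdint.h>
#include <string.h>
#include <netinet/in.h>
#define SADB_EXT_TS 17
struct sadb_ts {
    uint16_t sadb_ts_len;      /* assumed field: length in 64-bit words */
    uint16_t sadb_ts_exttype;
    uint32_t sadb_ts_numsel;
};
struct sadb_selector {
    uint8_t  sadb_selector_proto;
    uint8_t  sadb_selector_addrtype;
    uint16_t sadb_selector_reserved;
};
/* Fixed-size array element: selector + src + dst (assumption: sockaddr_in6). */
#define TS_ELEM_SIZE (sizeof(struct sadb_selector) + 2 * sizeof(struct sockaddr_in6))

/* Returns the number of (low, high) ranges, or -1 if the extension is malformed. */
int ts_validate(const uint8_t *buf, size_t buflen)
{
    struct sadb_ts ts;
    size_t extlen, payload;
    if (buf == NULL || buflen < sizeof ts)
        return -1;
    memcpy(&ts, buf, sizeof ts);             /* buf may be unaligned */
    if (ts.sadb_ts_exttype != SADB_EXT_TS)
        return -1;
    extlen = (size_t)ts.sadb_ts_len * 8;
    if (extlen < sizeof ts || extlen > buflen)
        return -1;                           /* claims more than was received */
    payload = extlen - sizeof ts;
    /* Bound numsel by the length first, so the multiply below cannot overflow. */
    if (ts.sadb_ts_numsel == 0 || ts.sadb_ts_numsel % 2 != 0 ||
        ts.sadb_ts_numsel > payload / TS_ELEM_SIZE)
        return -1;                           /* selectors must come in low/high pairs */
    /* Anything beyond alignment padding means length and numsel disagree. */
    if (payload - ts.sadb_ts_numsel * TS_ELEM_SIZE >= 8)
        return -1;
    return (int)(ts.sadb_ts_numsel / 2);
}

int main(void)
{
    uint8_t buf[8 + 2 * TS_ELEM_SIZE] = {0};  /* constructed sample: one range */
    struct sadb_ts ts = { (uint16_t)(sizeof buf / 8), SADB_EXT_TS, 2 };
    memcpy(buf, &ts, sizeof ts);
    return ts_validate(buf, sizeof buf) == 1 ? 0 : 1;
}
```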