
Traffic Selector extension

The list has been pretty quiet on this. Well, I have to implement
*something* fast. I need the traffic selector extension and thus, I'm
now adding the attached definition to my implementation.

I decided on the simplest possible structure: a TS extension consists of
the extension base and an array of (sadb_selector+addresses) structures.

- I will use a fixed size for sadb_selector (I use IPv6 format for IPv4
  addresses), and thus array size could be found from the extension
  length. But, I defined 'sadb_ts_numsel' in case variable length
  elements are used.

- I didn't want to "hardcode" the "low,high" by specifying the
  sadb_ts_numsel as the number of pairs. There might be some use in having
  some kind of "type" field in sadb_selector (for example, the per
  packet information could be presented by single selector instead of

- In the selector, a negation flag could be considered. I think that the
  "decorrelation" algorithm, if someone uses it, produces a lot of
  negated ranges, and having the option of just storing the negated range
  might be useful.

This is what I now have, but I'm also open to suggestions for better


#define SADB_EXT_TS                 17


#include <stdint.h>

/*
** Traffic Selector Extension
*/
struct sadb_ts {
    uint16_t sadb_ts_len;
    uint16_t sadb_ts_exttype;       /* SADB_EXT_TS */
    uint32_t sadb_ts_numsel;        /* Number of sadb_selector that follow */
    /* sizeof(struct sadb_ts) == 8 */

    /* Followed by
       sadb_ts_numsel * (struct sadb_selector)
       Each two selectors (low, high) defines one traffic selector
       range. Implementation defines whether IPv6 and IPv4 "sockaddr"
       sizes are different. If different, then "sadb_selector_addrtype"
       of the low sadb_selector defines the size of all "sockaddr" in
       the range (e.g. low src, low dst, high src and high dst addresses).
    */
};

/*
 * Basic Selector values
 */
struct sadb_selector {
    uint8_t sadb_selector_proto;    /* Protocol Number */
    uint8_t sadb_selector_addrtype; /* SADB_ADDRTYPE_IPV4 or SADB_ADDRTYPE_IPV6 */
    uint16_t sadb_selector_reserved;/* Padding */
    /* sizeof(struct sadb_selector) == 4 */

    /* Followed by two struct sockaddr of some form: 1st = src, 2nd = dst address.
     * The socket address includes the port field.
     */
};
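
Added example, not part of the original post: a receiver-side length check for the extension above in its fixed-size variant, so that sadb_ts_numsel is never trusted beyond what sadb_ts_len and the received buffer cover. Assumptions: sadb_ts_len counts 64-bit words as PF_KEY extension lengths do in RFC 2367, fields are in host byte order, each address slot is 28 bytes, and ts_build/ts_validate are hypothetical helper names.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SADB_EXT_TS  17   /* from the post */
#define TS_HDR_LEN   8    /* sizeof(struct sadb_ts), from the post */
#define TS_SEL_LEN   4    /* sizeof(struct sadb_selector), from the post */
#define TS_ADDR_LEN  28   /* ASSUMPTION: fixed-size address slot (IPv6 format) */
#define TS_ELEM_LEN  (TS_SEL_LEN + 2 * TS_ADDR_LEN)  /* selector + src + dst */

/* Constructed sample: header plus zeroed selectors. len_words and numsel are
 * written exactly as given so that malformed extensions can be produced. */
void ts_build(uint8_t *buf, size_t cap, uint16_t len_words, uint32_t numsel)
{
    uint16_t type = SADB_EXT_TS;
    memset(buf, 0, cap);
    memcpy(buf, &len_words, 2);
    memcpy(buf + 2, &type, 2);
    memcpy(buf + 4, &numsel, 4);
}

/* Return the number of (low, high) ranges, or -1 if the extension is malformed. */
long ts_validate(const uint8_t *buf, size_t buflen)
{
    uint16_t len_words, type;
    uint32_t numsel;
    size_t ext_bytes;

    if (buflen < TS_HDR_LEN) return -1;
    memcpy(&len_words, buf, 2);          /* memcpy avoids unaligned reads */
    memcpy(&type, buf + 2, 2);
    memcpy(&numsel, buf + 4, 4);
    ext_bytes = (size_t)len_words * 8;   /* ASSUMPTION: length in 64-bit words */
    if (type != SADB_EXT_TS) return -1;
    if (ext_bytes < TS_HDR_LEN || ext_bytes > buflen) return -1;
    if (numsel % 2 != 0) return -1;      /* selectors come in low/high pairs */
    /* Divide rather than multiply so a huge numsel cannot wrap around. */
    if (numsel > (ext_bytes - TS_HDR_LEN) / TS_ELEM_LEN) return -1;
    return (long)(numsel / 2);
}

int main(void)
{
    uint8_t msg[128];
    ts_build(msg, sizeof msg, 16, 2);            /* 8 + 2*60 = 128 bytes */
    printf("well-formed: %ld range(s)\n", ts_validate(msg, sizeof msg));
    ts_build(msg, sizeof msg, 16, 0xFFFFFFFEu);  /* numsel beyond the buffer */
    printf("oversized numsel: %ld\n", ts_validate(msg, sizeof msg));
    return 0;
}
```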