Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/netbsd-2-0]: src/sys/netinet6 Pull up revision 1.97 (requested by atatat...
details: https://anonhg.NetBSD.org/src/rev/05ceac1d48fc
branches: netbsd-2-0
changeset: 561131:05ceac1d48fc
user: tron <tron%NetBSD.org@localhost>
date: Fri May 28 07:24:28 2004 +0000
description:
Pull up revision 1.97 (requested by atatat in ticket #391):
Sysctl descriptions under net subtree (net.key not done)
diffstat:
sys/netinet6/ipsec.c | 77 ++++++++++++++++++++++++++++++++++++---------------
1 files changed, 54 insertions(+), 23 deletions(-)
diffs (202 lines):
diff -r 00ef5a1b2cdf -r 05ceac1d48fc sys/netinet6/ipsec.c
--- a/sys/netinet6/ipsec.c Fri May 28 07:24:17 2004 +0000
+++ b/sys/netinet6/ipsec.c Fri May 28 07:24:28 2004 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: ipsec.c,v 1.95 2004/03/24 15:34:55 atatat Exp $ */
+/* $NetBSD: ipsec.c,v 1.95.2.1 2004/05/28 07:24:28 tron Exp $ */
/* $KAME: ipsec.c,v 1.136 2002/05/19 00:36:39 itojun Exp $ */
/*
@@ -35,7 +35,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ipsec.c,v 1.95 2004/03/24 15:34:55 atatat Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ipsec.c,v 1.95.2.1 2004/05/28 07:24:28 tron Exp $");
#include "opt_inet.h"
#include "opt_ipsec.h"
@@ -3625,43 +3625,54 @@
CTL_NET, PF_INET, CTL_EOL);
sysctl_createv(clog, 0, NULL, NULL,
CTLFLAG_PERMANENT,
- CTLTYPE_NODE, "ipsec", NULL,
+ CTLTYPE_NODE, "ipsec",
+ SYSCTL_DESCR("IPv4 related IPSec settings"),
NULL, 0, NULL, 0,
CTL_NET, PF_INET, IPPROTO_AH, CTL_EOL);
sysctl_createv(clog, 0, NULL, NULL,
CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
- CTLTYPE_STRUCT, "stats", NULL,
+ CTLTYPE_STRUCT, "stats",
+ SYSCTL_DESCR("IPSec statistics and counters"),
NULL, 0, &ipsecstat, sizeof(ipsecstat),
CTL_NET, PF_INET, IPPROTO_AH,
IPSECCTL_STATS, CTL_EOL);
sysctl_createv(clog, 0, NULL, NULL,
CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
- CTLTYPE_INT, "def_policy", NULL,
+ CTLTYPE_INT, "def_policy",
+ SYSCTL_DESCR("Default action for non-IPSec packets"),
sysctl_ipsec, 0, &ip4_def_policy, 0,
CTL_NET, PF_INET, IPPROTO_AH,
IPSECCTL_DEF_POLICY, CTL_EOL);
sysctl_createv(clog, 0, NULL, NULL,
CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
- CTLTYPE_INT, "esp_trans_deflev", NULL,
+ CTLTYPE_INT, "esp_trans_deflev",
+ SYSCTL_DESCR("Default required security level for "
+ "transport mode traffic"),
sysctl_ipsec, 0, &ip4_esp_trans_deflev, 0,
CTL_NET, PF_INET, IPPROTO_AH,
IPSECCTL_DEF_ESP_TRANSLEV, CTL_EOL);
sysctl_createv(clog, 0, NULL, NULL,
CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
- CTLTYPE_INT, "esp_net_deflev", NULL,
+ CTLTYPE_INT, "esp_net_deflev",
+ SYSCTL_DESCR("Default required security level for "
+ "tunneled traffic"),
sysctl_ipsec, 0, &ip4_esp_net_deflev, 0,
CTL_NET, PF_INET, IPPROTO_AH,
IPSECCTL_DEF_ESP_NETLEV, CTL_EOL);
sysctl_createv(clog, 0, NULL, NULL,
CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
- CTLTYPE_INT, "ah_trans_deflev", NULL,
+ CTLTYPE_INT, "ah_trans_deflev",
+ SYSCTL_DESCR("Default required security level for "
+ "transport mode headers"),
sysctl_ipsec, 0, &ip4_ah_trans_deflev, 0,
CTL_NET, PF_INET, IPPROTO_AH,
IPSECCTL_DEF_AH_TRANSLEV, CTL_EOL);
sysctl_createv(clog, 0, NULL, NULL,
CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
- CTLTYPE_INT, "ah_net_deflev", NULL,
+ CTLTYPE_INT, "ah_net_deflev",
+ SYSCTL_DESCR("Default required security level for "
+ "tunneled headers"),
sysctl_ipsec, 0, &ip4_ah_net_deflev, 0,
CTL_NET, PF_INET, IPPROTO_AH,
IPSECCTL_DEF_AH_NETLEV, CTL_EOL);
@@ -3675,31 +3686,38 @@
#endif
sysctl_createv(clog, 0, NULL, NULL,
CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
- CTLTYPE_INT, "ah_cleartos", NULL,
+ CTLTYPE_INT, "ah_cleartos",
+ SYSCTL_DESCR("Clear IP TOS field before calculating AH"),
NULL, 0, &ip4_ah_cleartos, 0,
CTL_NET, PF_INET, IPPROTO_AH,
IPSECCTL_AH_CLEARTOS, CTL_EOL);
sysctl_createv(clog, 0, NULL, NULL,
CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
- CTLTYPE_INT, "ah_offsetmask", NULL,
+ CTLTYPE_INT, "ah_offsetmask",
+ SYSCTL_DESCR("Mask for IP fragment offset field when "
+ "calculating AH"),
NULL, 0, &ip4_ah_offsetmask, 0,
CTL_NET, PF_INET, IPPROTO_AH,
IPSECCTL_AH_OFFSETMASK, CTL_EOL);
sysctl_createv(clog, 0, NULL, NULL,
CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
- CTLTYPE_INT, "dfbit", NULL,
+ CTLTYPE_INT, "dfbit",
+ SYSCTL_DESCR("IP header DF bit setting for tunneled "
+ "traffic"),
NULL, 0, &ip4_ipsec_dfbit, 0,
CTL_NET, PF_INET, IPPROTO_AH,
IPSECCTL_DFBIT, CTL_EOL);
sysctl_createv(clog, 0, NULL, NULL,
CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
- CTLTYPE_INT, "ecn", NULL,
+ CTLTYPE_INT, "ecn",
+ SYSCTL_DESCR("Behavior of ECN for tunneled traffic"),
NULL, 0, &ip4_ipsec_ecn, 0,
CTL_NET, PF_INET, IPPROTO_AH,
IPSECCTL_ECN, CTL_EOL);
sysctl_createv(clog, 0, NULL, NULL,
CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
- CTLTYPE_INT, "debug", NULL,
+ CTLTYPE_INT, "debug",
+ SYSCTL_DESCR("Enable IPSec debugging output"),
NULL, 0, &ipsec_debug, 0,
CTL_NET, PF_INET, IPPROTO_AH,
IPSECCTL_DEBUG, CTL_EOL);
@@ -3753,55 +3771,68 @@
CTL_NET, PF_INET6, CTL_EOL);
sysctl_createv(clog, 0, NULL, NULL,
CTLFLAG_PERMANENT,
- CTLTYPE_NODE, "ipsec6", NULL,
+ CTLTYPE_NODE, "ipsec6",
+ SYSCTL_DESCR("IPv6 related IPSec settings"),
NULL, 0, NULL, 0,
CTL_NET, PF_INET6, IPPROTO_AH, CTL_EOL);
sysctl_createv(clog, 0, NULL, NULL,
CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
- CTLTYPE_STRUCT, "stats", NULL,
+ CTLTYPE_STRUCT, "stats",
+ SYSCTL_DESCR("IPSec statistics and counters"),
NULL, 0, &ipsec6stat, sizeof(ipsec6stat),
CTL_NET, PF_INET6, IPPROTO_AH,
IPSECCTL_STATS, CTL_EOL);
sysctl_createv(clog, 0, NULL, NULL,
CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
- CTLTYPE_INT, "def_policy", NULL,
+ CTLTYPE_INT, "def_policy",
+ SYSCTL_DESCR("Default action for non-IPSec packets"),
sysctl_ipsec, 0, &ip6_def_policy, 0,
CTL_NET, PF_INET6, IPPROTO_AH,
IPSECCTL_DEF_POLICY, CTL_EOL);
sysctl_createv(clog, 0, NULL, NULL,
CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
- CTLTYPE_INT, "esp_trans_deflev", NULL,
+ CTLTYPE_INT, "esp_trans_deflev",
+ SYSCTL_DESCR("Default required security level for "
+ "transport mode traffic"),
sysctl_ipsec, 0, &ip6_esp_trans_deflev, 0,
CTL_NET, PF_INET6, IPPROTO_AH,
IPSECCTL_DEF_ESP_TRANSLEV, CTL_EOL);
sysctl_createv(clog, 0, NULL, NULL,
CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
- CTLTYPE_INT, "esp_net_deflev", NULL,
+ CTLTYPE_INT, "esp_net_deflev",
+ SYSCTL_DESCR("Default required security level for "
+ "tunneled traffic"),
sysctl_ipsec, 0, &ip6_esp_net_deflev, 0,
CTL_NET, PF_INET6, IPPROTO_AH,
IPSECCTL_DEF_ESP_NETLEV, CTL_EOL);
sysctl_createv(clog, 0, NULL, NULL,
CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
- CTLTYPE_INT, "ah_trans_deflev", NULL,
+ CTLTYPE_INT, "ah_trans_deflev",
+ SYSCTL_DESCR("Default required security level for "
+ "transport mode headers"),
sysctl_ipsec, 0, &ip6_ah_trans_deflev, 0,
CTL_NET, PF_INET6, IPPROTO_AH,
IPSECCTL_DEF_AH_TRANSLEV, CTL_EOL);
sysctl_createv(clog, 0, NULL, NULL,
CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
- CTLTYPE_INT, "ah_net_deflev", NULL,
+ CTLTYPE_INT, "ah_net_deflev",
+ SYSCTL_DESCR("Default required security level for "
+ "tunneled headers"),
sysctl_ipsec, 0, &ip6_ah_net_deflev, 0,
CTL_NET, PF_INET6, IPPROTO_AH,
IPSECCTL_DEF_AH_NETLEV, CTL_EOL);
sysctl_createv(clog, 0, NULL, NULL,
CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
- CTLTYPE_INT, "ecn", NULL,
+ CTLTYPE_INT, "ecn",
+ SYSCTL_DESCR("Behavior of ECN for tunneled traffic"),
NULL, 0, &ip6_ipsec_ecn, 0,
CTL_NET, PF_INET6, IPPROTO_AH,
IPSECCTL_ECN, CTL_EOL);
sysctl_createv(clog, 0, NULL, NULL,
CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
- CTLTYPE_INT, "debug", NULL,
+ CTLTYPE_INT, "debug",
+ SYSCTL_DESCR("Enable IPSec debugging output"),
NULL, 0, &ipsec_debug, 0,
CTL_NET, PF_INET6, IPPROTO_AH,
IPSECCTL_DEBUG, CTL_EOL);
Home |
Main Index |
Thread Index |
Old Index