Subject: Dan McDonald: Header file question
To: None <>
From: Michael C. Richardson <>
List: tech-net
Date: 08/13/1998 10:00:39
------- Forwarded Message

From: Dan McDonald <danmcd@Eng.Sun.Com>
Message-Id: <>
Subject: Header file question
Date: Wed, 12 Aug 1998 18:02:40 -0700 (PDT)
Cc: (Dan McDonald)
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit


I've been talking over with some people here in Sun, and we came to the
conclusion that it would be nice to at least define in UNIX (and other
platforms?) header files a common include file for IPsec headers.  This is
just the headers, so programs that parse headers (tcpdump) can deal with them
across platforms.  So this is really a question pointed at you OS vendors out
there that include header files with your OS.

For example, almost everybody's UNIX (AFAIK) has netinet/ip.h, which

struct ip {
#ifdef _BIT_FIELDS_LTOH
        uchar_t ip_hl:4,                /* header length */
                ip_v:4;                 /* version */
#else
        uchar_t ip_v:4,                 /* version */
                ip_hl:4;                /* header length */
#endif
        uchar_t ip_tos;                 /* type of service */
        short   ip_len;                 /* total length */
        ushort_t ip_id;                 /* identification */
        short   ip_off;                 /* fragment offset field */
#define IP_DF 0x4000                    /* dont fragment flag */
#define IP_MF 0x2000                    /* more fragments flag */
        uchar_t ip_ttl;                 /* time to live */
        uchar_t ip_p;                   /* protocol */
        ushort_t ip_sum;                /* checksum */
        struct  in_addr ip_src, ip_dst; /* source and dest address */
};

(Stolen from Solaris 2.x's netinet/ip.h.)

I guess I'd like to propose:

  #include <netinet/ipsec.h>

which contains the following minimal things:

#include <sys/types.h>	/* Include POSIX and/or X-Open types */
struct ah {
	uint8_t ah_nexthdr;
	uint8_t ah_length;	/* (ah_length << 2) + 8 == AH length */
	uint16_t ah_reserved;
	uint32_t ah_spi;
	uint32_t ah_replay;
};

struct esph {
       uint32_t esph_spi;
       uint32_t esph_replay;
};

If people feel I'm off my rocker, or are being too dictatorial, I'll just be
quiet.  But if you think this is a good idea for tools like tcpdump to have a
same-source header file for parsing AH and ESP, let's hear it on the list.
This is not anything that needs to be an I-D, or anything else, just a
minimal agreement among implementors.


------- End of Forwarded Message
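
How a header-parsing tool might use the proposed struct ah on untrusted capture bytes, as an added example that is not part of the forwarded message: it applies the (ah_length << 2) + 8 rule from the comment and rejects a length field that is shorter than the fixed header or runs past the captured data. The helper name parse_ah and the sample bytes are assumptions constructed for illustration.

```c
#include <arpa/inet.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Structure as proposed in the message for <netinet/ipsec.h>. */
struct ah {
	uint8_t  ah_nexthdr;
	uint8_t  ah_length;	/* (ah_length << 2) + 8 == AH length */
	uint16_t ah_reserved;
	uint32_t ah_spi;
	uint32_t ah_replay;
};

/* Constructed sample: next header 6 (TCP), SPI 0x1000, sequence 1, 12-byte ICV. */
static const uint8_t sample_ah[24] = {
	6, 4, 0, 0,  0, 0, 0x10, 0,  0, 0, 0, 1	/* 12 ICV bytes left zero */
};

/* Hypothetical helper: returns the AH length in bytes (offset of the next
 * header), or -1 if the capture is truncated or the length field is bogus.
 * SPI and sequence number are returned in host byte order. */
int parse_ah(const uint8_t *buf, size_t caplen, struct ah *out)
{
	size_t total;

	if (caplen < sizeof(*out))
		return -1;
	memcpy(out, buf, sizeof(*out));	/* buf may be unaligned */
	total = ((size_t)out->ah_length << 2) + 8;
	if (total < sizeof(*out) || total > caplen)
		return -1;
	out->ah_spi = ntohl(out->ah_spi);
	out->ah_replay = ntohl(out->ah_replay);
	return (int)total;
}

int main(void)
{
	struct ah h = {0};
	int len = parse_ah(sample_ah, sizeof(sample_ah), &h);

	printf("AH len=%d spi=0x%x seq=%u next=%u\n", len,
	    (unsigned)h.ah_spi, (unsigned)h.ah_replay, (unsigned)h.ah_nexthdr);
	return len < 0;
}
```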