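/* SPDX-License-Identifier: (GPL-2.0 WITH Linux-syscall-note) OR MIT */
/*
 * Copyright (C) 2015-2019 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
 *
 * Documentation
 * =============
 *
 * The below enums and macros are for interfacing with WireGuard, using generic
 * netlink, with family WG_GENL_NAME and version WG_GENL_VERSION. It defines two
 * methods: get and set. Note that while they share many common attributes,
 * these two functions actually accept a slightly different set of inputs and
 * outputs.
 *
 * WG_CMD_GET_DEVICE
 * -----------------
 *
 * May only be called via NLM_F_REQUEST | NLM_F_DUMP. The command should contain
 * one but not both of:
 *
 *    WGDEVICE_A_IFINDEX: NLA_U32
 *    WGDEVICE_A_IFNAME: NLA_NUL_STRING, maxlen IFNAMSIZ - 1
 *
 * The kernel will then return several messages (NLM_F_MULTI) containing the
 * following tree of nested items:
 *
 *    WGDEVICE_A_IFINDEX: NLA_U32
 *    WGDEVICE_A_IFNAME: NLA_NUL_STRING, maxlen IFNAMSIZ - 1
 *    WGDEVICE_A_PRIVATE_KEY: NLA_EXACT_LEN, len WG_KEY_LEN
 *    WGDEVICE_A_PUBLIC_KEY: NLA_EXACT_LEN, len WG_KEY_LEN
 *    WGDEVICE_A_LISTEN_PORT: NLA_U16
 *    WGDEVICE_A_FWMARK: NLA_U32
 *    WGDEVICE_A_PEERS: NLA_NESTED
 *        0: NLA_NESTED
 *            WGPEER_A_PUBLIC_KEY: NLA_EXACT_LEN, len WG_KEY_LEN
 *            WGPEER_A_PRESHARED_KEY: NLA_EXACT_LEN, len WG_KEY_LEN
 *            WGPEER_A_ENDPOINT: NLA_MIN_LEN(struct sockaddr), struct sockaddr_in or struct sockaddr_in6
 *            WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL: NLA_U16
 *            WGPEER_A_LAST_HANDSHAKE_TIME: NLA_EXACT_LEN, struct __kernel_timespec
 *            WGPEER_A_RX_BYTES: NLA_U64
 *            WGPEER_A_TX_BYTES: NLA_U64
 *            WGPEER_A_ALLOWEDIPS: NLA_NESTED
 *                0: NLA_NESTED
 *                    WGALLOWEDIP_A_FAMILY: NLA_U16
 *                    WGALLOWEDIP_A_IPADDR: NLA_MIN_LEN(struct in_addr), struct in_addr or struct in6_addr
 *                    WGALLOWEDIP_A_CIDR_MASK: NLA_U8
 *                0: NLA_NESTED
 *                    ...
 *                0: NLA_NESTED
 *                    ...
 *                ...
 *            WGPEER_A_PROTOCOL_VERSION: NLA_U32
 *        0: NLA_NESTED
 *            ...
 *        ...
 *
 * It is possible that all of the allowed IPs of a single peer will not
 * fit within a single netlink message. In that case, the same peer will
 * be written in the following message, except it will only contain
 * WGPEER_A_PUBLIC_KEY and WGPEER_A_ALLOWEDIPS. This may occur several
 * times in a row for the same peer. It is then up to the receiver to
 * coalesce adjacent peers. Likewise, it is possible that all peers will
 * not fit within a single message. So, subsequent peers will be sent
 * in following messages, except those will only contain WGDEVICE_A_IFNAME
 * and WGDEVICE_A_PEERS. It is then up to the receiver to coalesce these
 * messages to form the complete list of peers.
 *
 * Since this is an NLM_F_DUMP command, the final message will always be
 * NLMSG_DONE, even if an error occurs. However, this NLMSG_DONE message
 * contains an integer error code. It is either zero or a negative error
 * code corresponding to the errno.
 *
 * WG_CMD_SET_DEVICE
 * -----------------
 *
 * May only be called via NLM_F_REQUEST. The command should contain the
 * following tree of nested items, containing one but not both of
 * WGDEVICE_A_IFINDEX and WGDEVICE_A_IFNAME:
 *
 *    WGDEVICE_A_IFINDEX: NLA_U32
 *    WGDEVICE_A_IFNAME: NLA_NUL_STRING, maxlen IFNAMSIZ - 1
 *    WGDEVICE_A_FLAGS: NLA_U32, 0 or WGDEVICE_F_REPLACE_PEERS if all current
 *                      peers should be removed prior to adding the list below.
 *    WGDEVICE_A_PRIVATE_KEY: len WG_KEY_LEN, all zeros to remove
 *    WGDEVICE_A_LISTEN_PORT: NLA_U16, 0 to choose randomly
 *    WGDEVICE_A_FWMARK: NLA_U32, 0 to disable
 *    WGDEVICE_A_PEERS: NLA_NESTED
 *        0: NLA_NESTED
 *            WGPEER_A_PUBLIC_KEY: len WG_KEY_LEN
 *            WGPEER_A_FLAGS: NLA_U32, 0 and/or WGPEER_F_REMOVE_ME if the
 *                            specified peer should not exist at the end of the
 *                            operation, rather than added/updated and/or
 *                            WGPEER_F_REPLACE_ALLOWEDIPS if all current allowed
 *                            IPs of this peer should be removed prior to adding
 *                            the list below and/or WGPEER_F_UPDATE_ONLY if the
 *                            peer should only be set if it already exists.
 *            WGPEER_A_PRESHARED_KEY: len WG_KEY_LEN, all zeros to remove
 *            WGPEER_A_ENDPOINT: struct sockaddr_in or struct sockaddr_in6
 *            WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL: NLA_U16, 0 to disable
 *            WGPEER_A_ALLOWEDIPS: NLA_NESTED
 *                0: NLA_NESTED
 *                    WGALLOWEDIP_A_FAMILY: NLA_U16
 *                    WGALLOWEDIP_A_IPADDR: struct in_addr or struct in6_addr
 *                    WGALLOWEDIP_A_CIDR_MASK: NLA_U8
 *                0: NLA_NESTED
 *                    ...
 *                0: NLA_NESTED
 *                    ...
 *                ...
 *            WGPEER_A_PROTOCOL_VERSION: NLA_U32, should not be set or used at
 *                                       all by most users of this API, as the
 *                                       most recent protocol will be used when
 *                                       this is unset. Otherwise, must be set
 *                                       to 1.
 *        0: NLA_NESTED
 *            ...
 *        ...
 *
 * It is possible that the amount of configuration data exceeds that of
 * the maximum message length accepted by the kernel. In that case, several
 * messages should be sent one after another, with each successive one
 * filling in information not contained in the prior. Note that if
 * WGDEVICE_F_REPLACE_PEERS is specified in the first message, it probably
 * should not be specified in fragments that come after, so that the list
 * of peers is only cleared the first time but appended after. Likewise for
 * peers, if WGPEER_F_REPLACE_ALLOWEDIPS is specified in the first message
 * of a peer, it likely should not be specified in subsequent fragments.
 *
 * If an error occurs, NLMSG_ERROR will reply containing an errno.
 */

/*
 * Reviewer notes on handling this interface safely
 * ------------------------------------------------
 *
 * - The WG_CMD_GET_DEVICE reply tree lists WGDEVICE_A_PRIVATE_KEY and
 *   WGPEER_A_PRESHARED_KEY, so the receive buffers of a user-space caller
 *   hold secret key material. Keep those bytes out of logs and debug dumps
 *   and clear the buffers once the values have been consumed.
 * - NOTE(review): access control for both commands is not visible in this
 *   header; it is presumably enforced where the generic netlink operations
 *   are registered. Confirm there that both get and set require a
 *   network-admin capability.
 * - NOTE(review): nothing in this header says a multi-message
 *   WG_CMD_SET_DEVICE is atomic. Presumably each fragment is applied as it
 *   arrives, so a failure after a fragment carrying WGDEVICE_F_REPLACE_PEERS
 *   can leave the device with a partial peer list; callers should check the
 *   reply to every fragment. Confirm against the implementation.
 * - The enumerator values below are wire values shared between kernel and
 *   user space: new entries may only be appended directly before the
 *   trailing __*_MAX / __*_LAST sentinel, never inserted or reordered.
 */

#ifndef _WG_UAPI_WIREGUARD_H
#define _WG_UAPI_WIREGUARD_H

/* Generic netlink family name and version used to resolve the family. */
#define WG_GENL_NAME "wireguard"
#define WG_GENL_VERSION 1

/*
 * Length in bytes of every key attribute (private, public and preshared);
 * the get reply documents these as NLA_EXACT_LEN with this length.
 */
#define WG_KEY_LEN 32

/* Commands of the family; __WG_CMD_MAX is a sentinel, not a command. */
enum wg_cmd {
	WG_CMD_GET_DEVICE,
	WG_CMD_SET_DEVICE,
	__WG_CMD_MAX
};
/* Highest valid command number. */
#define WG_CMD_MAX (__WG_CMD_MAX - 1)

/*
 * Bits for WGDEVICE_A_FLAGS (set only). __WGDEVICE_F_ALL is the union of
 * all defined bits; presumably used to reject unknown bits - confirm in the
 * implementation.
 */
enum wgdevice_flag {
	WGDEVICE_F_REPLACE_PEERS = 1U << 0,
	__WGDEVICE_F_ALL = WGDEVICE_F_REPLACE_PEERS
};
/*
 * Top-level attributes of a device message. WGDEVICE_A_PRIVATE_KEY is
 * secret; WGDEVICE_A_FLAGS appears only in the set tree and
 * WGDEVICE_A_PUBLIC_KEY only in the get tree documented above.
 */
enum wgdevice_attribute {
	WGDEVICE_A_UNSPEC,
	WGDEVICE_A_IFINDEX,
	WGDEVICE_A_IFNAME,
	WGDEVICE_A_PRIVATE_KEY,
	WGDEVICE_A_PUBLIC_KEY,
	WGDEVICE_A_FLAGS,
	WGDEVICE_A_LISTEN_PORT,
	WGDEVICE_A_FWMARK,
	WGDEVICE_A_PEERS,
	__WGDEVICE_A_LAST
};
/* Highest valid device attribute number. */
#define WGDEVICE_A_MAX (__WGDEVICE_A_LAST - 1)

/*
 * Bits for WGPEER_A_FLAGS (set only); they may be combined. __WGPEER_F_ALL
 * is the union of all defined bits.
 */
enum wgpeer_flag {
	WGPEER_F_REMOVE_ME = 1U << 0,
	WGPEER_F_REPLACE_ALLOWEDIPS = 1U << 1,
	WGPEER_F_UPDATE_ONLY = 1U << 2,
	__WGPEER_F_ALL = WGPEER_F_REMOVE_ME | WGPEER_F_REPLACE_ALLOWEDIPS |
			 WGPEER_F_UPDATE_ONLY
};
/*
 * Attributes of one peer nested under WGDEVICE_A_PEERS.
 * WGPEER_A_PRESHARED_KEY is secret. WGPEER_A_LAST_HANDSHAKE_TIME,
 * WGPEER_A_RX_BYTES and WGPEER_A_TX_BYTES appear only in the get tree and
 * WGPEER_A_FLAGS only in the set tree documented above.
 */
enum wgpeer_attribute {
	WGPEER_A_UNSPEC,
	WGPEER_A_PUBLIC_KEY,
	WGPEER_A_PRESHARED_KEY,
	WGPEER_A_FLAGS,
	WGPEER_A_ENDPOINT,
	WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL,
	WGPEER_A_LAST_HANDSHAKE_TIME,
	WGPEER_A_RX_BYTES,
	WGPEER_A_TX_BYTES,
	WGPEER_A_ALLOWEDIPS,
	WGPEER_A_PROTOCOL_VERSION,
	__WGPEER_A_LAST
};
/* Highest valid peer attribute number. */
#define WGPEER_A_MAX (__WGPEER_A_LAST - 1)

/*
 * Attributes of one allowed-IP entry nested under WGPEER_A_ALLOWEDIPS.
 * NOTE(review): the valid range of WGALLOWEDIP_A_CIDR_MASK and the accepted
 * WGALLOWEDIP_A_FAMILY values are not stated here; presumably they must
 * match the size of the address in WGALLOWEDIP_A_IPADDR - confirm.
 */
enum wgallowedip_attribute {
	WGALLOWEDIP_A_UNSPEC,
	WGALLOWEDIP_A_FAMILY,
	WGALLOWEDIP_A_IPADDR,
	WGALLOWEDIP_A_CIDR_MASK,
	__WGALLOWEDIP_A_LAST
};
/* Highest valid allowed-IP attribute number. */
#define WGALLOWEDIP_A_MAX (__WGALLOWEDIP_A_LAST - 1)

#endif /* _WG_UAPI_WIREGUARD_H */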