1 /* 2 * Copyright (c) 2000-2011 Apple Computer, Inc. All rights reserved. 3 * 4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@ 5 * 6 * This file contains Original Code and/or Modifications of Original Code 7 * as defined in and that are subject to the Apple Public Source License 8 * Version 2.0 (the 'License'). You may not use this file except in 9 * compliance with the License. The rights granted to you under the License 10 * may not be used to create, or enable the creation or redistribution of, 11 * unlawful or unlicensed copies of an Apple operating system, or to 12 * circumvent, violate, or enable the circumvention or violation of, any 13 * terms of an Apple operating system software license agreement. 14 * 15 * Please obtain a copy of the License at 16 * http://www.opensource.apple.com/apsl/ and read it before using this file. 17 * 18 * The Original Code and all software distributed under the License are 19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER 20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, 21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, 22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. 23 * Please see the License for the specific language governing rights and 24 * limitations under the License. 25 * 26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@ 27 */ 28 /* $KAME: pfkeyv2.h,v 1.10 2000/03/22 07:04:20 sakane Exp $ */ 29 30 /* 31 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 32 * All rights reserved. 33 * 34 * Redistribution and use in source and binary forms, with or without 35 * modification, are permitted provided that the following conditions 36 * are met: 37 * 1. Redistributions of source code must retain the above copyright 38 * notice, this list of conditions and the following disclaimer. 39 * 2. Redistributions in binary form must reproduce the above copyright 40 * notice, this list of conditions and the following disclaimer in the 41 * documentation and/or other materials provided with the distribution. 42 * 3. Neither the name of the project nor the names of its contributors 43 * may be used to endorse or promote products derived from this software 44 * without specific prior written permission. 45 * 46 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 47 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 48 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 49 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 50 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 51 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 52 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 53 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 54 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 55 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 56 * SUCH DAMAGE. 57 */ 58 59 /* 60 * This file has been derived rfc 2367, 61 * And added some flags of SADB_KEY_FLAGS_ as SADB_X_EXT_. 62 * [email protected] 63 */ 64 65 #ifndef _NET_PFKEYV2_H_ 66 #define _NET_PFKEYV2_H_ 67 #include <sys/appleapiopts.h> 68 #include <net/if.h> 69 70 /* 71 * This file defines structures and symbols for the PF_KEY Version 2 72 * key management interface. It was written at the U.S. Naval Research 73 * Laboratory. This file is in the public domain. The authors ask that 74 * you leave this credit intact on any copies of this file. 75 */ 76 #ifndef __PFKEY_V2_H 77 #define __PFKEY_V2_H 1 78 79 #define PF_KEY_V2 2 80 #define PFKEYV2_REVISION 199806L 81 82 #define SADB_RESERVED 0 83 #define SADB_GETSPI 1 84 #define SADB_UPDATE 2 85 #define SADB_ADD 3 86 #define SADB_DELETE 4 87 #define SADB_GET 5 88 #define SADB_ACQUIRE 6 89 #define SADB_REGISTER 7 90 #define SADB_EXPIRE 8 91 #define SADB_FLUSH 9 92 #define SADB_DUMP 10 93 #define SADB_X_PROMISC 11 94 #define SADB_X_PCHANGE 12 95 96 #define SADB_X_SPDUPDATE 13 97 #define SADB_X_SPDADD 14 98 #define SADB_X_SPDDELETE 15 /* by policy index */ 99 #define SADB_X_SPDGET 16 100 #define SADB_X_SPDACQUIRE 17 101 #define SADB_X_SPDDUMP 18 102 #define SADB_X_SPDFLUSH 19 103 #define SADB_X_SPDSETIDX 20 104 #define SADB_X_SPDEXPIRE 21 105 #define SADB_X_SPDDELETE2 22 /* by policy id */ 106 #define SADB_GETSASTAT 23 107 #define SADB_X_SPDENABLE 24 /* by policy id */ 108 #define SADB_X_SPDDISABLE 25 /* by policy id */ 109 #define SADB_MIGRATE 26 110 #define SADB_MAX 26 111 112 struct sadb_msg { 113 u_int8_t sadb_msg_version; 114 u_int8_t sadb_msg_type; 115 u_int8_t sadb_msg_errno; 116 u_int8_t sadb_msg_satype; 117 u_int16_t sadb_msg_len; 118 u_int16_t sadb_msg_reserved; 119 u_int32_t sadb_msg_seq; 120 u_int32_t sadb_msg_pid; 121 }; 122 123 struct sadb_ext { 124 u_int16_t sadb_ext_len; 125 u_int16_t sadb_ext_type; 126 }; 127 128 struct sadb_sa { 129 u_int16_t sadb_sa_len; 130 u_int16_t sadb_sa_exttype; 131 u_int32_t sadb_sa_spi; 132 u_int8_t sadb_sa_replay; 133 u_int8_t sadb_sa_state; 134 u_int8_t sadb_sa_auth; 135 u_int8_t sadb_sa_encrypt; 136 u_int32_t sadb_sa_flags; 137 }; 138 139 #ifdef PRIVATE 140 struct sadb_sa_2 { 141 struct sadb_sa sa; 142 u_int16_t sadb_sa_natt_port; 143 union { 144 u_int16_t sadb_reserved0; 145 u_int16_t sadb_sa_natt_interval; 146 }; 147 148 u_int16_t sadb_sa_natt_offload_interval; 149 #define SADB_SA_NATT_SRC_PORT 1 150 u_int16_t sadb_sa_natt_src_port; 151 }; 152 #endif /* PRIVATE */ 153 154 struct sadb_lifetime { 155 u_int16_t sadb_lifetime_len; 156 u_int16_t sadb_lifetime_exttype; 157 u_int32_t sadb_lifetime_allocations; 158 u_int64_t sadb_lifetime_bytes; 159 u_int64_t sadb_lifetime_addtime; 160 u_int64_t sadb_lifetime_usetime; 161 }; 162 163 struct sadb_address { 164 u_int16_t sadb_address_len; 165 u_int16_t sadb_address_exttype; 166 u_int8_t sadb_address_proto; 167 u_int8_t sadb_address_prefixlen; 168 u_int16_t sadb_address_reserved; 169 }; 170 171 struct sadb_key { 172 u_int16_t sadb_key_len; 173 u_int16_t sadb_key_exttype; 174 u_int16_t sadb_key_bits; 175 u_int16_t sadb_key_reserved; 176 }; 177 178 struct sadb_ident { 179 u_int16_t sadb_ident_len; 180 u_int16_t sadb_ident_exttype; 181 u_int16_t sadb_ident_type; 182 u_int16_t sadb_ident_reserved; 183 u_int64_t sadb_ident_id; 184 }; 185 186 struct sadb_sens { 187 u_int16_t sadb_sens_len; 188 u_int16_t sadb_sens_exttype; 189 u_int32_t sadb_sens_dpd; 190 u_int8_t sadb_sens_sens_level; 191 u_int8_t sadb_sens_sens_len; 192 u_int8_t sadb_sens_integ_level; 193 u_int8_t sadb_sens_integ_len; 194 u_int32_t sadb_sens_reserved; 195 }; 196 197 struct sadb_prop { 198 u_int16_t sadb_prop_len; 199 u_int16_t sadb_prop_exttype; 200 u_int8_t sadb_prop_replay; 201 u_int8_t sadb_prop_reserved[3]; 202 }; 203 204 struct sadb_comb { 205 u_int8_t sadb_comb_auth; 206 u_int8_t sadb_comb_encrypt; 207 u_int16_t sadb_comb_flags; 208 u_int16_t sadb_comb_auth_minbits; 209 u_int16_t sadb_comb_auth_maxbits; 210 u_int16_t sadb_comb_encrypt_minbits; 211 u_int16_t sadb_comb_encrypt_maxbits; 212 u_int32_t sadb_comb_reserved; 213 u_int32_t sadb_comb_soft_allocations; 214 u_int32_t sadb_comb_hard_allocations; 215 u_int64_t sadb_comb_soft_bytes; 216 u_int64_t sadb_comb_hard_bytes; 217 u_int64_t sadb_comb_soft_addtime; 218 u_int64_t sadb_comb_hard_addtime; 219 u_int64_t sadb_comb_soft_usetime; 220 u_int64_t sadb_comb_hard_usetime; 221 }; 222 223 struct sadb_supported { 224 u_int16_t sadb_supported_len; 225 u_int16_t sadb_supported_exttype; 226 u_int32_t sadb_supported_reserved; 227 }; 228 229 struct sadb_alg { 230 u_int8_t sadb_alg_id; 231 u_int8_t sadb_alg_ivlen; 232 u_int16_t sadb_alg_minbits; 233 u_int16_t sadb_alg_maxbits; 234 u_int16_t sadb_alg_reserved; 235 }; 236 237 struct sadb_spirange { 238 u_int16_t sadb_spirange_len; 239 u_int16_t sadb_spirange_exttype; 240 u_int32_t sadb_spirange_min; 241 u_int32_t sadb_spirange_max; 242 u_int32_t sadb_spirange_reserved; 243 }; 244 245 struct sadb_x_kmprivate { 246 u_int16_t sadb_x_kmprivate_len; 247 u_int16_t sadb_x_kmprivate_exttype; 248 u_int32_t sadb_x_kmprivate_reserved; 249 }; 250 251 /* 252 * XXX Additional SA Extension. 253 * mode: tunnel or transport 254 * reqid: to make SA unique nevertheless the address pair of SA are same. 255 * Mainly it's for VPN. 256 */ 257 struct sadb_x_sa2 { 258 u_int16_t sadb_x_sa2_len; 259 u_int16_t sadb_x_sa2_exttype; 260 u_int8_t sadb_x_sa2_mode; 261 union { 262 u_int8_t sadb_x_sa2_reserved1; 263 #ifdef PRIVATE 264 u_int8_t sadb_x_sa2_alwaysexpire; 265 #endif 266 }; 267 union { 268 u_int16_t sadb_x_sa2_reserved2; 269 #ifdef PRIVATE 270 u_int16_t sadb_x_sa2_flags; 271 #endif 272 }; 273 u_int32_t sadb_x_sa2_sequence; 274 u_int32_t sadb_x_sa2_reqid; 275 }; 276 277 /* XXX Policy Extension */ 278 /* sizeof(struct sadb_x_policy) == 16 */ 279 struct sadb_x_policy { 280 u_int16_t sadb_x_policy_len; 281 u_int16_t sadb_x_policy_exttype; 282 u_int16_t sadb_x_policy_type; /* See policy type of ipsec.h */ 283 u_int8_t sadb_x_policy_dir; /* direction, see ipsec.h */ 284 u_int8_t sadb_x_policy_reserved; 285 u_int32_t sadb_x_policy_id; 286 u_int32_t sadb_x_policy_reserved2; 287 }; 288 /* 289 * When policy_type == IPSEC, it is followed by some of 290 * the ipsec policy request. 291 * [total length of ipsec policy requests] 292 * = (sadb_x_policy_len * sizeof(uint64_t) - sizeof(struct sadb_x_policy)) 293 */ 294 #ifdef PRIVATE 295 /* IPsec Interface Extension: 296 * IPsec interface can be specified alone, or all three 297 * of internal, outgoing, and IPsec interfaces must be 298 * specified. 299 */ 300 struct sadb_x_ipsecif { 301 u_int16_t sadb_x_ipsecif_len; 302 u_int16_t sadb_x_ipsecif_exttype; 303 char sadb_x_ipsecif_internal_if[IFXNAMSIZ]; /* Steal packets from this interface */ 304 char sadb_x_ipsecif_outgoing_if[IFXNAMSIZ]; /* Send packets out on this interface */ 305 char sadb_x_ipsecif_ipsec_if[IFXNAMSIZ]; /* Direct packets through ipsec interface */ 306 u_int16_t sadb_x_ipsecif_init_disabled; /* 0 or 1, flag to ignore policy */ 307 u_int16_t reserved; 308 }; 309 #endif 310 /* XXX IPsec Policy Request Extension */ 311 /* 312 * This structure is aligned 8 bytes. 313 */ 314 struct sadb_x_ipsecrequest { 315 u_int16_t sadb_x_ipsecrequest_len; /* structure length aligned to 8 bytes. 316 * This value is true length of bytes. 317 * Not in units of 64 bits. */ 318 u_int16_t sadb_x_ipsecrequest_proto; /* See ipsec.h */ 319 u_int8_t sadb_x_ipsecrequest_mode; /* See IPSEC_MODE_XX in ipsec.h. */ 320 u_int8_t sadb_x_ipsecrequest_level; /* See IPSEC_LEVEL_XX in ipsec.h */ 321 u_int16_t sadb_x_ipsecrequest_reqid; /* See ipsec.h */ 322 323 /* 324 * followed by source IP address of SA, and immediately followed by 325 * destination IP address of SA. These encoded into two of sockaddr 326 * structure without any padding. Must set each sa_len exactly. 327 * Each of length of the sockaddr structure are not aligned to 64bits, 328 * but sum of x_request and addresses is aligned to 64bits. 329 */ 330 }; 331 332 struct sadb_session_id { 333 u_int16_t sadb_session_id_len; 334 u_int16_t sadb_session_id_exttype; 335 /* [0] is an arbitrary handle that means something only for requester 336 * [1] is a global session id for lookups in the kernel and racoon. 337 */ 338 u_int64_t sadb_session_id_v[2]; 339 } __attribute__ ((aligned(8))); 340 341 struct sastat { 342 u_int32_t spi; /* SPI Value, network byte order */ 343 u_int32_t created; /* for lifetime */ 344 struct sadb_lifetime lft_c; /* CURRENT lifetime. */ 345 }; // no need to align 346 347 struct sadb_sastat { 348 u_int16_t sadb_sastat_len; 349 u_int16_t sadb_sastat_exttype; 350 u_int32_t sadb_sastat_dir; 351 u_int32_t sadb_sastat_reserved; 352 u_int32_t sadb_sastat_list_len; 353 /* list of struct sastat comes after */ 354 } __attribute__ ((aligned(8))); 355 356 #define SADB_EXT_RESERVED 0 357 #define SADB_EXT_SA 1 358 #define SADB_EXT_LIFETIME_CURRENT 2 359 #define SADB_EXT_LIFETIME_HARD 3 360 #define SADB_EXT_LIFETIME_SOFT 4 361 #define SADB_EXT_ADDRESS_SRC 5 362 #define SADB_EXT_ADDRESS_DST 6 363 #define SADB_EXT_ADDRESS_PROXY 7 364 #define SADB_EXT_KEY_AUTH 8 365 #define SADB_EXT_KEY_ENCRYPT 9 366 #define SADB_EXT_IDENTITY_SRC 10 367 #define SADB_EXT_IDENTITY_DST 11 368 #define SADB_EXT_SENSITIVITY 12 369 #define SADB_EXT_PROPOSAL 13 370 #define SADB_EXT_SUPPORTED_AUTH 14 371 #define SADB_EXT_SUPPORTED_ENCRYPT 15 372 #define SADB_EXT_SPIRANGE 16 373 #define SADB_X_EXT_KMPRIVATE 17 374 #define SADB_X_EXT_POLICY 18 375 #define SADB_X_EXT_SA2 19 376 #define SADB_EXT_SESSION_ID 20 377 #define SADB_EXT_SASTAT 21 378 #define SADB_X_EXT_IPSECIF 22 379 #define SADB_X_EXT_ADDR_RANGE_SRC_START 23 380 #define SADB_X_EXT_ADDR_RANGE_SRC_END 24 381 #define SADB_X_EXT_ADDR_RANGE_DST_START 25 382 #define SADB_X_EXT_ADDR_RANGE_DST_END 26 383 #define SADB_EXT_MIGRATE_ADDRESS_SRC 27 384 #define SADB_EXT_MIGRATE_ADDRESS_DST 28 385 #define SADB_X_EXT_MIGRATE_IPSECIF 29 386 #define SADB_EXT_MAX 29 387 388 #define SADB_SATYPE_UNSPEC 0 389 #define SADB_SATYPE_AH 2 390 #define SADB_SATYPE_ESP 3 391 #define SADB_SATYPE_RSVP 5 392 #define SADB_SATYPE_OSPFV2 6 393 #define SADB_SATYPE_RIPV2 7 394 #define SADB_SATYPE_MIP 8 395 #define SADB_X_SATYPE_IPCOMP 9 396 #define SADB_X_SATYPE_POLICY 10 397 #define SADB_SATYPE_MAX 11 398 399 #define SADB_SASTATE_LARVAL 0 400 #define SADB_SASTATE_MATURE 1 401 #define SADB_SASTATE_DYING 2 402 #define SADB_SASTATE_DEAD 3 403 #define SADB_SASTATE_MAX 3 404 405 #define SADB_SAFLAGS_PFS 1 406 407 /* RFC2367 numbers - meets RFC2407 */ 408 #define SADB_AALG_NONE 0 409 #define SADB_AALG_MD5HMAC 1 /*2*/ 410 #define SADB_AALG_SHA1HMAC 2 /*3*/ 411 #define SADB_AALG_MAX 8 412 /* private allocations - based on RFC2407/IANA assignment */ 413 #define SADB_X_AALG_SHA2_256 6 /*5*/ 414 #define SADB_X_AALG_SHA2_384 7 /*6*/ 415 #define SADB_X_AALG_SHA2_512 8 /*7*/ 416 /* private allocations should use 249-255 (RFC2407) */ 417 #define SADB_X_AALG_MD5 3 /*249*/ /* Keyed MD5 */ 418 #define SADB_X_AALG_SHA 4 /*250*/ /* Keyed SHA */ 419 #define SADB_X_AALG_NULL 5 /*251*/ /* null authentication */ 420 421 /* RFC2367 numbers - meets RFC2407 */ 422 #define SADB_EALG_NONE 0 423 #define SADB_EALG_DESCBC 1 /*2*/ 424 #define SADB_EALG_3DESCBC 2 /*3*/ 425 #define SADB_EALG_NULL 3 /*11*/ 426 #define SADB_EALG_MAX 12 427 /* private allocations - based on RFC2407/IANA assignment */ 428 #define SADB_X_EALG_CAST128CBC 5 /*6*/ 429 #define SADB_X_EALG_BLOWFISHCBC 4 /*7*/ 430 #define SADB_X_EALG_RIJNDAELCBC 12 431 #define SADB_X_EALG_AESCBC 12 432 #define SADB_X_EALG_AES 12 433 #define SADB_X_EALG_AES_GCM 13 434 #define SADB_X_EALG_CHACHA20POLY1305 14 435 #define SADB_X_EALG_AES_GMAC 15 436 /* private allocations should use 249-255 (RFC2407) */ 437 438 #if 1 /*nonstandard */ 439 #define SADB_X_CALG_NONE 0 440 #define SADB_X_CALG_OUI 1 441 #define SADB_X_CALG_DEFLATE 2 442 #define SADB_X_CALG_LZS 3 443 #define SADB_X_CALG_MAX 4 444 #endif 445 446 #define SADB_IDENTTYPE_RESERVED 0 447 #define SADB_IDENTTYPE_PREFIX 1 448 #define SADB_IDENTTYPE_FQDN 2 449 #define SADB_IDENTTYPE_USERFQDN 3 450 #define SADB_X_IDENTTYPE_ADDR 4 451 #define SADB_IDENTTYPE_MAX 4 452 453 /* `flags' in sadb_sa structure holds followings */ 454 #define SADB_X_EXT_NONE 0x0000 /* i.e. new format. */ 455 #define SADB_X_EXT_OLD 0x0001 /* old format. */ 456 #ifdef PRIVATE 457 #define SADB_X_EXT_NATT 0x0002 /* Use UDP encapsulation to traverse NAT */ 458 #define SADB_X_EXT_NATT_KEEPALIVE 0x0004 /* Local node is behind NAT, send keepalives */ 459 /* Should only be set for outbound SAs */ 460 #define SADB_X_EXT_NATT_MULTIPLEUSERS 0x0008 /* For use on VPN server - support multiple users */ 461 462 #endif /* PRIVATE */ 463 464 #define SADB_X_EXT_IV4B 0x0010 /* IV length of 4 bytes in use */ 465 #define SADB_X_EXT_DERIV 0x0020 /* DES derived */ 466 #define SADB_X_EXT_CYCSEQ 0x0040 /* allowing to cyclic sequence. */ 467 468 /* three of followings are exclusive flags each them */ 469 #define SADB_X_EXT_PSEQ 0x0000 /* sequencial padding for ESP */ 470 #define SADB_X_EXT_PRAND 0x0100 /* random padding for ESP */ 471 #define SADB_X_EXT_PZERO 0x0200 /* zero padding for ESP */ 472 #define SADB_X_EXT_PMASK 0x0300 /* mask for padding flag */ 473 474 #define SADB_X_EXT_IIV 0x0400 /* Implicit IV */ 475 476 #ifdef PRIVATE 477 #define SADB_X_EXT_NATT_DETECTED_PEER 0x1000 478 #define SADB_X_EXT_ESP_KEEPALIVE 0x2000 479 #define SADB_X_EXT_PUNT_RX_KEEPALIVE 0x4000 480 #define SADB_X_EXT_NATT_KEEPALIVE_OFFLOAD 0x8000 481 #endif /* PRIVATE */ 482 483 #ifdef PRIVATE 484 #define NATT_KEEPALIVE_OFFLOAD_INTERVAL 0x1 485 #endif 486 487 #if 1 488 #define SADB_X_EXT_RAWCPI 0x0080 /* use well known CPI (IPComp) */ 489 #endif 490 491 #define SADB_KEY_FLAGS_MAX 0x7fff 492 493 #ifdef PRIVATE 494 #define SADB_X_EXT_SA2_DELETE_ON_DETACH 0x0001 495 #define SADB_X_EXT_SA2_SEQ_PER_TRAFFIC_CLASS 0x0002 496 #endif 497 498 /* SPI size for PF_KEYv2 */ 499 #define PFKEY_SPI_SIZE sizeof(u_int32_t) 500 501 /* Identifier for menber of lifetime structure */ 502 #define SADB_X_LIFETIME_ALLOCATIONS 0 503 #define SADB_X_LIFETIME_BYTES 1 504 #define SADB_X_LIFETIME_ADDTIME 2 505 #define SADB_X_LIFETIME_USETIME 3 506 507 /* The rate for SOFT lifetime against HARD one. */ 508 #define PFKEY_SOFT_LIFETIME_RATE 80 509 510 /* Utilities */ 511 #define PFKEY_ALIGN8(a) (1 + (((a) - 1) | (8 - 1))) 512 #define PFKEY_EXTLEN(msg) \ 513 PFKEY_UNUNIT64(((struct sadb_ext *)(msg))->sadb_ext_len) 514 #define PFKEY_ADDR_PREFIX(ext) \ 515 (((struct sadb_address *)(ext))->sadb_address_prefixlen) 516 #define PFKEY_ADDR_PROTO(ext) \ 517 (((struct sadb_address *)(ext))->sadb_address_proto) 518 #define PFKEY_ADDR_SADDR(ext) \ 519 ((struct sockaddr *)((caddr_t)(ext) + sizeof(struct sadb_address))) 520 521 /* in 64bits */ 522 #define PFKEY_UNUNIT64(a) ((a) << 3) 523 #define PFKEY_UNIT64(a) ((a) >> 3) 524 525 #endif /* __PFKEY_V2_H */ 526 527 #endif /* _NET_PFKEYV2_H_ */ 528