sync with kame tree as of july00. tons of bug fixes/improvements.

API changes:
- additional IPv6 ioctls
- IPsec PF_KEY API was changed, it is mandatory to upgrade setkey(8).
  (also syntax change)

10 files changed, 1281 insertions, 419 deletions

diff --git a/sys/net/if_ethersubr.c b/sys/net/if_ethersubr.c
index 74078aa4..b229612 100644
--- a/sys/net/if_ethersubr.c
+++ b/sys/net/if_ethersubr.c
@@ -66,7 +66,6 @@
 #endif
 #ifdef INET6
 #include <netinet6/nd6.h>
-#include <netinet6/in6_ifattach.h>
 #endif
 
 #ifdef IPX
@@ -669,9 +668,6 @@ ether_ifattach(ifp)
 	sdl->sdl_type = IFT_ETHER;
 	sdl->sdl_alen = ifp->if_addrlen;
 	bcopy((IFP2AC(ifp))->ac_enaddr, LLADDR(sdl), ifp->if_addrlen);
-#ifdef INET6
-	in6_ifattach_getifid(ifp);
-#endif
 	if (ng_ether_attach_p != NULL)
 		(*ng_ether_attach_p)(ifp);
 }
diff --git a/sys/net/if_gif.c b/sys/net/if_gif.c
index 0b32657..0337a61 100644
--- a/sys/net/if_gif.c
+++ b/sys/net/if_gif.c
@@ -1,3 +1,6 @@
+/*	$FreeBSD$	*/
+/*	$KAME: if_gif.c,v 1.28 2000/06/20 12:30:03 jinmei Exp $	*/
+
 /*
  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
  * All rights reserved.
@@ -25,12 +28,6 @@
  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
- *
- * $FreeBSD$
- */
-
-/*
- * gif.c
  */
 
 #include "opt_inet.h"
@@ -46,6 +43,7 @@
 #include <sys/errno.h>
 #include <sys/time.h>
 #include <sys/syslog.h>
+#include <sys/protosw.h>
 #include <machine/cpu.h>
 
 #include <net/if.h>
@@ -70,21 +68,47 @@
 #include <netinet/ip6.h>
 #include <netinet6/ip6_var.h>
 #include <netinet6/in6_gif.h>
+#include <netinet6/ip6protosw.h>
 #endif /* INET6 */
 
+#include <netinet/ip_encap.h>
 #include <net/if_gif.h>
 
 #include "gif.h"
+#include "bpf.h"
+#define NBPFILTER	NBPF
 
 #include <net/net_osdep.h>
 
+#if NGIF > 0
+
 void gifattach __P((void *));
+static int gif_encapcheck __P((const struct mbuf *, int, int, void *));
+#ifdef INET
+extern struct protosw in_gif_protosw;
+#endif
+#ifdef INET6
+extern struct ip6protosw in6_gif_protosw;
+#endif
 
 /*
  * gif global variable definitions
  */
-int ngif = NGIF + 1;		/* number of interfaces. +1 for stf. */
-struct gif_softc *gif = 0;
+static int ngif;		/* number of interfaces */
+static struct gif_softc *gif = 0;
+
+#ifndef MAX_GIF_NEST
+/*
+ * This macro controls the upper limitation on nesting of gif tunnels.
+ * Since, setting a large value to this macro with a careless configuration
+ * may introduce system crash, we don't allow any nestings by default.
+ * If you need to configure nested gif tunnels, you can define this macro
+ * in your kernel configuration file. However, if you do so, please be
+ * careful to configure the tunnels so that it won't make a loop.
+ */
+#define MAX_GIF_NEST 1
+#endif
+static int max_gif_nesting = MAX_GIF_NEST;
 
 void
 gifattach(dummy)
@@ -93,34 +117,111 @@ gifattach(dummy)
 	register struct gif_softc *sc;
 	register int i;
 
+	ngif = NGIF;
 	gif = sc = malloc (ngif * sizeof(struct gif_softc), M_DEVBUF, M_WAIT);
 	bzero(sc, ngif * sizeof(struct gif_softc));
-	for (i = 0; i < ngif - 1; sc++, i++) {  /* leave last one for stf */
+	for (i = 0; i < ngif; sc++, i++) {
 		sc->gif_if.if_name = "gif";
 		sc->gif_if.if_unit = i;
+
+		sc->encap_cookie4 = sc->encap_cookie6 = NULL;
+#ifdef INET
+		sc->encap_cookie4 = encap_attach_func(AF_INET, -1,
+		    gif_encapcheck, &in_gif_protosw, sc);
+		if (sc->encap_cookie4 == NULL) {
+			printf("%s: attach failed\n", if_name(&sc->gif_if));
+			continue;
+		}
+#endif
+#ifdef INET6
+		sc->encap_cookie6 = encap_attach_func(AF_INET6, -1,
+		    gif_encapcheck, (struct protosw *)&in6_gif_protosw, sc);
+		if (sc->encap_cookie6 == NULL) {
+			if (sc->encap_cookie4) {
+				encap_detach(sc->encap_cookie4);
+				sc->encap_cookie4 = NULL;
+			}
+			printf("%s: attach failed\n", if_name(&sc->gif_if));
+			continue;
+		}
+#endif
+
 		sc->gif_if.if_mtu    = GIF_MTU;
 		sc->gif_if.if_flags  = IFF_POINTOPOINT | IFF_MULTICAST;
 		sc->gif_if.if_ioctl  = gif_ioctl;
 		sc->gif_if.if_output = gif_output;
 		sc->gif_if.if_type   = IFT_GIF;
-		sc->gif_if.if_snd.ifq_maxlen = ifqmaxlen;
+		sc->gif_if.if_snd.ifq_maxlen = IFQ_MAXLEN;
 		if_attach(&sc->gif_if);
+#if NBPFILTER > 0
+#ifdef HAVE_OLD_BPF
 		bpfattach(&sc->gif_if, DLT_NULL, sizeof(u_int));
+#else
+		bpfattach(&sc->gif_if.if_bpf, &sc->gif_if, DLT_NULL, sizeof(u_int));
+#endif
+#endif
 	}
-	sc->gif_if.if_name = "stf";
-	sc->gif_if.if_unit = 0;
-	sc->gif_if.if_mtu    = GIF_MTU;
-	sc->gif_if.if_flags  = IFF_MULTICAST;
-	sc->gif_if.if_ioctl  = gif_ioctl;
-	sc->gif_if.if_output = gif_output;
-	sc->gif_if.if_type   = IFT_GIF;
-	sc->gif_if.if_snd.ifq_maxlen = ifqmaxlen;
-	if_attach(&sc->gif_if);
-	bpfattach(&sc->gif_if, DLT_NULL, sizeof(u_int));
 }
 
 PSEUDO_SET(gifattach, if_gif);
 
+static int
+gif_encapcheck(m, off, proto, arg)
+	const struct mbuf *m;
+	int off;
+	int proto;
+	void *arg;
+{
+	struct ip ip;
+	struct gif_softc *sc;
+
+	sc = (struct gif_softc *)arg;
+	if (sc == NULL)
+		return 0;
+
+	if ((sc->gif_if.if_flags & IFF_UP) == 0)
+		return 0;
+
+	/* no physical address */
+	if (!sc->gif_psrc || !sc->gif_pdst)
+		return 0;
+
+	switch (proto) {
+#ifdef INET
+	case IPPROTO_IPV4:
+		break;
+#endif
+#ifdef INET6
+	case IPPROTO_IPV6:
+		break;
+#endif
+	default:
+		return 0;
+	}
+
+	/* LINTED const cast */
+	m_copydata((struct mbuf *)m, 0, sizeof(ip), (caddr_t)&ip);
+
+	switch (ip.ip_v) {
+#ifdef INET
+	case 4:
+		if (sc->gif_psrc->sa_family != AF_INET ||
+		    sc->gif_pdst->sa_family != AF_INET)
+			return 0;
+		return gif_encapcheck4(m, off, proto, arg);
+#endif
+#ifdef INET6
+	case 6:
+		if (sc->gif_psrc->sa_family != AF_INET6 ||
+		    sc->gif_pdst->sa_family != AF_INET6)
+			return 0;
+		return gif_encapcheck6(m, off, proto, arg);
+#endif
+	default:
+		return 0;
+	}
+}
+
 int
 gif_output(ifp, m, dst, rt)
 	struct ifnet *ifp;
@@ -131,7 +232,6 @@ gif_output(ifp, m, dst, rt)
 	register struct gif_softc *sc = (struct gif_softc*)ifp;
 	int error = 0;
 	static int called = 0;	/* XXX: MUTEX */
-	int calllimit = 10;	/* XXX: adhoc */
 
 	/*
 	 * gif may cause infinite recursion calls when misconfigured.
@@ -140,7 +240,7 @@ gif_output(ifp, m, dst, rt)
 	 *      mutual exclusion of the variable CALLED, especially if we
 	 *      use kernel thread.
 	 */
-	if (++called >= calllimit) {
+	if (++called > max_gif_nesting) {
 		log(LOG_NOTICE,
 		    "gif_output: recursively called too many times(%d)\n",
 		    called);
@@ -148,6 +248,7 @@ gif_output(ifp, m, dst, rt)
 		error = EIO;	/* is there better errno? */
 		goto end;
 	}
+
 	getmicrotime(&ifp->if_lastchange);
 	m->m_flags &= ~(M_BCAST|M_MCAST);
 	if (!(ifp->if_flags & IFF_UP) ||
@@ -157,6 +258,7 @@ gif_output(ifp, m, dst, rt)
 		goto end;
 	}
 
+#if NBPFILTER > 0
 	if (ifp->if_bpf) {
 		/*
 		 * We need to prepend the address family as
@@ -171,12 +273,19 @@ gif_output(ifp, m, dst, rt)
 		m0.m_next = m;
 		m0.m_len = 4;
 		m0.m_data = (char *)&af;
-
+		
+#ifdef HAVE_OLD_BPF
 		bpf_mtap(ifp, &m0);
+#else
+		bpf_mtap(ifp->if_bpf, &m0);
+#endif
 	}
-	ifp->if_opackets++;
+#endif
+	ifp->if_opackets++;	
 	ifp->if_obytes += m->m_pkthdr.len;
 
+	/* XXX should we check if our outer source is legal? */
+
 	switch (sc->gif_psrc->sa_family) {
 #ifdef INET
 	case AF_INET:
@@ -189,7 +298,7 @@ gif_output(ifp, m, dst, rt)
 		break;
 #endif
 	default:
-		m_freem(m);
+		m_freem(m);		
 		error = ENETDOWN;
 	}
 
@@ -214,9 +323,9 @@ gif_input(m, af, gifp)
 		return;
 	}
 
-	if (m->m_pkthdr.rcvif)
-		m->m_pkthdr.rcvif = gifp;
-
+	m->m_pkthdr.rcvif = gifp;
+	
+#if NBPFILTER > 0
 	if (gifp->if_bpf) {
 		/*
 		 * We need to prepend the address family as
@@ -227,13 +336,18 @@ gif_input(m, af, gifp)
 		 */
 		struct mbuf m0;
 		u_int af = AF_INET6;
-
+		
 		m0.m_next = m;
 		m0.m_len = 4;
 		m0.m_data = (char *)&af;
-
+		
+#ifdef HAVE_OLD_BPF
 		bpf_mtap(gifp, &m0);
+#else
+		bpf_mtap(gifp->if_bpf, &m0);
+#endif
 	}
+#endif /*NBPFILTER > 0*/
 
 	/*
 	 * Put the packet to the network layer input queue according to the
@@ -282,7 +396,7 @@ gif_input(m, af, gifp)
 	return;
 }
 
-
+/* XXX how should we handle IPv6 scope on SIOC[GS]IFPHYADDR? */
 int
 gif_ioctl(ifp, cmd, data)
 	struct ifnet *ifp;
@@ -292,12 +406,15 @@ gif_ioctl(ifp, cmd, data)
 	struct gif_softc *sc  = (struct gif_softc*)ifp;
 	struct ifreq     *ifr = (struct ifreq*)data;
 	int error = 0, size;
-	struct sockaddr *sa, *dst, *src;
-
+	struct sockaddr *dst, *src;
+	struct sockaddr *sa;
+	int i;
+	struct gif_softc *sc2;
+		
 	switch (cmd) {
 	case SIOCSIFADDR:
 		break;
-
+		
 	case SIOCSIFDSTADDR:
 		break;
 
@@ -305,8 +422,10 @@ gif_ioctl(ifp, cmd, data)
 	case SIOCDELMULTI:
 		break;
 
+#ifdef	SIOCSIFMTU /* xxx */
 	case SIOCGIFMTU:
 		break;
+
 	case SIOCSIFMTU:
 		{
 			u_long mtu;
@@ -317,103 +436,125 @@ gif_ioctl(ifp, cmd, data)
 			ifp->if_mtu = mtu;
 		}
 		break;
+#endif /* SIOCSIFMTU */
 
 	case SIOCSIFPHYADDR:
 #ifdef INET6
 	case SIOCSIFPHYADDR_IN6:
 #endif /* INET6 */
-		switch (ifr->ifr_addr.sa_family) {
-#ifdef INET
-		case AF_INET:
+		switch (cmd) {
+		case SIOCSIFPHYADDR:
 			src = (struct sockaddr *)
 				&(((struct in_aliasreq *)data)->ifra_addr);
 			dst = (struct sockaddr *)
 				&(((struct in_aliasreq *)data)->ifra_dstaddr);
+			break;
+#ifdef INET6
+		case SIOCSIFPHYADDR_IN6:
+			src = (struct sockaddr *)
+				&(((struct in6_aliasreq *)data)->ifra_addr);
+			dst = (struct sockaddr *)
+				&(((struct in6_aliasreq *)data)->ifra_dstaddr);
+			break;
+#endif
+		}
 
-			/* only one gif can have dst = INADDR_ANY */
-#define	satosaddr(sa) (((struct sockaddr_in *)(sa))->sin_addr.s_addr)
+		for (i = 0; i < ngif; i++) {
+			sc2 = gif + i;
+			if (sc2 == sc)
+				continue;
+			if (!sc2->gif_pdst || !sc2->gif_psrc)
+				continue;
+			if (sc2->gif_pdst->sa_family != dst->sa_family ||
+			    sc2->gif_pdst->sa_len != dst->sa_len ||
+			    sc2->gif_psrc->sa_family != src->sa_family ||
+			    sc2->gif_psrc->sa_len != src->sa_len)
+				continue;
+			/* can't configure same pair of address onto two gifs */
+			if (bcmp(sc2->gif_pdst, dst, dst->sa_len) == 0 &&
+			    bcmp(sc2->gif_psrc, src, src->sa_len) == 0) {
+				error = EADDRNOTAVAIL;
+				goto bad;
+			}
 
+			/* can't configure multiple multi-dest interfaces */
+#define multidest(x) \
+	(((struct sockaddr_in *)(x))->sin_addr.s_addr == INADDR_ANY)
 #ifdef INET6
-			if (bcmp(ifp->if_name, "stf", 3) == 0)
-				satosaddr(dst) = INADDR_BROADCAST;
+#define multidest6(x) \
+	(IN6_IS_ADDR_UNSPECIFIED(&((struct sockaddr_in6 *)(x))->sin6_addr))
 #endif
-
-			if (satosaddr(dst) == INADDR_ANY) {
-				int i;
-				struct gif_softc *sc2;
-
-			  	for (i = 0, sc2 = gif; i < ngif; i++, sc2++) {
-					if (sc2 == sc) continue;
-					if (sc2->gif_pdst &&
-					    satosaddr(sc2->gif_pdst)
-						== INADDR_ANY) {
-					    error = EADDRNOTAVAIL;
-					    goto bad;
-					}
-				}
+			if (dst->sa_family == AF_INET &&
+			    multidest(dst) && multidest(sc2->gif_pdst)) {
+				error = EADDRNOTAVAIL;
+				goto bad;
 			}
+#ifdef INET6
+			if (dst->sa_family == AF_INET6 &&
+			    multidest6(dst) && multidest6(sc2->gif_pdst)) {
+				error = EADDRNOTAVAIL;
+				goto bad;
+			}
+#endif
+		}
+
+		if (src->sa_family != dst->sa_family ||
+		    src->sa_len != dst->sa_len) {
+			error = EINVAL;
+			break;
+		}
+		switch (src->sa_family) {
+#ifdef INET
+		case AF_INET:
 			size = sizeof(struct sockaddr_in);
 			break;
-#endif /* INET */
+#endif
 #ifdef INET6
 		case AF_INET6:
-			src = (struct sockaddr *)
-				&(((struct in6_aliasreq *)data)->ifra_addr);
-			dst = (struct sockaddr *)
-				&(((struct in6_aliasreq *)data)->ifra_dstaddr);
-
-			/* only one gif can have dst = in6addr_any */
-#define	satoin6(sa) (&((struct sockaddr_in6 *)(sa))->sin6_addr)
-
-			if (IN6_IS_ADDR_UNSPECIFIED(satoin6(dst))) {
-				int i;
-				struct gif_softc *sc2;
-
-			  	for (i = 0, sc2 = gif; i < ngif; i++, sc2++) {
-					if (sc2 == sc) continue;
-					if (sc2->gif_pdst &&
-					    IN6_IS_ADDR_UNSPECIFIED(
-						satoin6(sc2->gif_pdst)
-								    )) {
-					    error = EADDRNOTAVAIL;
-					    goto bad;
-					}
-				}
-			}
 			size = sizeof(struct sockaddr_in6);
 			break;
-#endif /* INET6 */
+#endif
 		default:
-			error = EPROTOTYPE;
+			error = EAFNOSUPPORT;
 			goto bad;
+		}
+		if (src->sa_len != size) {
+			error = EINVAL;
 			break;
 		}
-		if (sc->gif_psrc != NULL)
-			free((caddr_t)sc->gif_psrc, M_IFADDR);
-		if (sc->gif_pdst != NULL)
-			free((caddr_t)sc->gif_pdst, M_IFADDR);
 
+		if (sc->gif_psrc)
+			free((caddr_t)sc->gif_psrc, M_IFADDR);
 		sa = (struct sockaddr *)malloc(size, M_IFADDR, M_WAITOK);
-		bzero((caddr_t)sa, size);
 		bcopy((caddr_t)src, (caddr_t)sa, size);
 		sc->gif_psrc = sa;
 
+		if (sc->gif_pdst)
+			free((caddr_t)sc->gif_pdst, M_IFADDR);
 		sa = (struct sockaddr *)malloc(size, M_IFADDR, M_WAITOK);
-		bzero((caddr_t)sa, size);
 		bcopy((caddr_t)dst, (caddr_t)sa, size);
 		sc->gif_pdst = sa;
 
-		ifp->if_flags |= (IFF_UP|IFF_RUNNING);
-		{
-			int s;
-
-			s = splnet();
-			if_up(ifp);		/* send up RTM_IFINFO */
-			splx(s);
-		}
+		ifp->if_flags |= IFF_UP;
+		if_up(ifp);		/* send up RTM_IFINFO */
 
+		error = 0;
 		break;
 
+#ifdef SIOCDIFPHYADDR
+	case SIOCDIFPHYADDR:
+		if (sc->gif_psrc) {
+			free((caddr_t)sc->gif_psrc, M_IFADDR);
+			sc->gif_psrc = NULL;
+		}
+		if (sc->gif_pdst) {
+			free((caddr_t)sc->gif_pdst, M_IFADDR);
+			sc->gif_pdst = NULL;
+		}
+		/* change the IFF_UP flag as well? */
+		break;
+#endif
+			
 	case SIOCGIFPSRCADDR:
 #ifdef INET6
 	case SIOCGIFPSRCADDR_IN6:
@@ -443,7 +584,7 @@ gif_ioctl(ifp, cmd, data)
 		}
 		bcopy((caddr_t)src, (caddr_t)dst, size);
 		break;
-
+			
 	case SIOCGIFPDSTADDR:
 #ifdef INET6
 	case SIOCGIFPDSTADDR_IN6:
@@ -475,6 +616,7 @@ gif_ioctl(ifp, cmd, data)
 		break;
 
 	case SIOCSIFFLAGS:
+		/* if_ioctl() takes care of it */
 		break;
 
 	default:
@@ -484,3 +626,4 @@ gif_ioctl(ifp, cmd, data)
  bad:
 	return error;
 }
+#endif /*NGIF > 0*/
diff --git a/sys/net/if_gif.h b/sys/net/if_gif.h
index cc26938..3699286 100644
--- a/sys/net/if_gif.h
+++ b/sys/net/if_gif.h
@@ -1,3 +1,6 @@
+/*	$FreeBSD$	*/
+/*	$KAME: if_gif.h,v 1.13 2000/06/17 20:34:24 itojun Exp $	*/
+
 /*
  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
  * All rights reserved.
@@ -25,8 +28,6 @@
  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
- *
- * $FreeBSD$
  */
 
 /*
@@ -36,33 +37,46 @@
 #ifndef _NET_IF_GIF_H_
 #define _NET_IF_GIF_H_
 
+
+#if (defined(__FreeBSD__) && __FreeBSD__ >= 3) || defined(__NetBSD__)
+#if defined(_KERNEL) && !defined(_LKM)
+#include "opt_inet.h"
+#endif
+#endif
+
+#include <netinet/in.h>
+/* xxx sigh, why route have struct route instead of pointer? */
+
+struct encaptab;
+
 struct gif_softc {
-	struct	ifnet		gif_if;	   /* common area */
-	struct	sockaddr	*gif_psrc; /* Physical src addr */
-	struct	sockaddr	*gif_pdst; /* Physical dst addr */
+	struct ifnet	gif_if;	   /* common area - must be at the top */
+	struct sockaddr	*gif_psrc; /* Physical src addr */
+	struct sockaddr	*gif_pdst; /* Physical dst addr */
 	union {
-		struct	route  gifscr_ro;    /* xxx */
-		struct	route_in6 gifscr_ro6; /* xxx */
+		struct route  gifscr_ro;    /* xxx */
+#ifdef INET6
+		struct route_in6 gifscr_ro6; /* xxx */
+#endif
 	} gifsc_gifscr;
-	int	gif_flags;
+	int		gif_flags;
+	const struct encaptab *encap_cookie4;
+	const struct encaptab *encap_cookie6;
 };
 
-#define	gif_ro gifsc_gifscr.gifscr_ro
-#define	gif_ro6 gifsc_gifscr.gifscr_ro6
+#define gif_ro gifsc_gifscr.gifscr_ro
+#ifdef INET6
+#define gif_ro6 gifsc_gifscr.gifscr_ro6
+#endif
 
-#define	GIFF_INUSE	0x1	/* gif is in use */
-
-#define	GIF_MTU		(1280)	/* Default MTU */
+#define GIF_MTU		(1280)	/* Default MTU */
 #define	GIF_MTU_MIN	(1280)	/* Minimum MTU */
 #define	GIF_MTU_MAX	(8192)	/* Maximum MTU */
 
-extern int	ngif;
-extern struct	gif_softc *gif;
-
 /* Prototypes */
-void	gif_input __P((struct mbuf *, int, struct ifnet *));
-int	gif_output __P((struct ifnet *, struct mbuf *,
+void gif_input __P((struct mbuf *, int, struct ifnet *));
+int gif_output __P((struct ifnet *, struct mbuf *,
 		    struct sockaddr *, struct rtentry *));
-int	gif_ioctl __P((struct ifnet *, u_long, caddr_t));
+int gif_ioctl __P((struct ifnet *, u_long, caddr_t));
 
 #endif /* _NET_IF_GIF_H_ */
diff --git a/sys/net/if_loop.c b/sys/net/if_loop.c
index cf1580e..a3d3a3b 100644
--- a/sys/net/if_loop.c
+++ b/sys/net/if_loop.c
@@ -72,7 +72,7 @@
 #include <netinet/in.h>
 #endif
 #include <netinet6/in6_var.h>
-#include <netinet6/ip6.h>
+#include <netinet/ip6.h>
 #endif
 
 #ifdef NS
diff --git a/sys/net/if_stf.c b/sys/net/if_stf.c
new file mode 100644
index 0000000..c95aaa5
--- /dev/null
+++ b/sys/net/if_stf.c
@@ -0,0 +1,662 @@
+/*	$FreeBSD$	*/
+/*	$KAME: if_stf.c,v 1.40 2000/06/20 19:44:42 itojun Exp $	*/
+
+/*
+ * Copyright (C) 2000 WIDE Project.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. Neither the name of the project nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/*
+ * 6to4 interface, based on draft-ietf-ngtrans-6to4-06.txt.
+ *
+ * 6to4 interface is NOT capable of link-layer (I mean, IPv4) multicasting.
+ * There is no address mapping defined from IPv6 multicast address to IPv4
+ * address.  Therefore, we do not have IFF_MULTICAST on the interface.
+ *
+ * Due to the lack of address mapping for link-local addresses, we cannot
+ * throw packets toward link-local addresses (fe80::x).  Also, we cannot throw
+ * packets to link-local multicast addresses (ff02::x).
+ *
+ * Here are interesting symptoms due to the lack of link-local address:
+ *
+ * Unicast routing exchange:
+ * - RIPng: Impossible.  Uses link-local multicast packet toward ff02::9,
+ *   and link-local addresses as nexthop.
+ * - OSPFv6: Impossible.  OSPFv6 assumes that there's link-local address
+ *   assigned to the link, and makes use of them.  Also, HELLO packets use
+ *   link-local multicast addresses (ff02::5 and ff02::6).
+ * - BGP4+: Maybe.  You can only use global address as nexthop, and global
+ *   address as TCP endpoint address.
+ *
+ * Multicast routing protocols:
+ * - PIM: Hello packet cannot be used to discover adjacent PIM routers.
+ *   Adjacent PIM routers must be configured manually (is it really spec-wise
+ *   correct thing to do?).
+ *
+ * ICMPv6:
+ * - Redirects cannot be used due to the lack of link-local address.
+ *
+ * Starting from 04 draft, the specification suggests how to construct
+ * link-local address for 6to4 interface.
+ * However, it seems to have no real use and does not help the above symptom
+ * much.  Even if we assign link-locals to interface, we cannot really
+ * use link-local unicast/multicast on top of 6to4 cloud, and the above
+ * analysis does not change.
+ *
+ * 6to4 interface has security issues.  Refer to
+ * http://playground.iijlab.net/i-d/draft-itojun-ipv6-transition-abuse-00.txt
+ * for details.  The code tries to filter out some of malicious packets.
+ * Note that there is no way to be 100% secure.
+ */
+
+#include "opt_inet.h"
+#include "opt_inet6.h"
+
+#include <sys/param.h>
+#include <sys/systm.h>
+#include <sys/socket.h>
+#include <sys/sockio.h>
+#include <sys/mbuf.h>
+#include <sys/errno.h>
+#include <sys/protosw.h>
+#include <sys/kernel.h>
+#include <machine/cpu.h>
+
+#include <sys/malloc.h>
+
+#include <net/if.h>
+#include <net/route.h>
+#include <net/netisr.h>
+#include <net/if_types.h>
+#include <net/if_stf.h>
+
+#include <netinet/in.h>
+#include <netinet/in_systm.h>
+#include <netinet/ip.h>
+#include <netinet/ip_var.h>
+#include <netinet/in_var.h>
+
+#include <netinet/ip6.h>
+#include <netinet6/ip6_var.h>
+#include <netinet6/in6_gif.h>
+#include <netinet6/in6_var.h>
+#include <netinet/ip_ecn.h>
+
+#include <netinet/ip_encap.h>
+
+#include <machine/stdarg.h>
+
+#include <net/net_osdep.h>
+
+#include "bpf.h"
+#define NBPFILTER	NBPF
+#include "stf.h"
+#include "gif.h"	/*XXX*/
+
+#if NBPFILTER > 0
+#include <net/bpf.h>
+#endif
+
+#if NGIF > 0
+#include <net/if_gif.h>
+#endif
+
+#if NSTF > 0
+#if NSTF != 1
+# error only single stf interface allowed
+#endif
+
+#define IN6_IS_ADDR_6TO4(x)	(ntohs((x)->s6_addr16[0]) == 0x2002)
+#define GET_V4(x)	((struct in_addr *)(&(x)->s6_addr16[1]))
+
+struct stf_softc {
+	struct ifnet	sc_if;	   /* common area */
+	union {
+		struct route  __sc_ro4;
+		struct route_in6 __sc_ro6; /* just for safety */
+	} __sc_ro46;
+#define sc_ro	__sc_ro46.__sc_ro4
+	const struct encaptab *encap_cookie;
+};
+
+static struct stf_softc *stf;
+static int nstf;
+
+#if NGIF > 0
+extern int ip_gif_ttl;	/*XXX*/
+#else
+static int ip_gif_ttl = 40;	/*XXX*/
+#endif
+
+extern struct protosw in_stf_protosw;
+
+void stfattach __P((void *));
+static int stf_encapcheck __P((const struct mbuf *, int, int, void *));
+static struct in6_ifaddr *stf_getsrcifa6 __P((struct ifnet *));
+static int stf_output __P((struct ifnet *, struct mbuf *, struct sockaddr *,
+	struct rtentry *));
+static int stf_checkaddr4 __P((struct in_addr *, struct ifnet *));
+static int stf_checkaddr6 __P((struct in6_addr *, struct ifnet *));
+static void stf_rtrequest __P((int, struct rtentry *, struct sockaddr *));
+static int stf_ioctl __P((struct ifnet *, u_long, caddr_t));
+
+void
+stfattach(dummy)
+	void *dummy;
+{
+	struct stf_softc *sc;
+	int i;
+	const struct encaptab *p;
+
+	nstf = NSTF;
+	stf = malloc(nstf * sizeof(struct stf_softc), M_DEVBUF, M_WAIT);
+	bzero(stf, nstf * sizeof(struct stf_softc));
+	sc = stf;
+
+	/* XXX just in case... */
+	for (i = 0; i < nstf; i++) {
+		sc = &stf[i];
+		bzero(sc, sizeof(*sc));
+		sc->sc_if.if_name = "stf";
+		sc->sc_if.if_unit = i;
+
+		p = encap_attach_func(AF_INET, IPPROTO_IPV6, stf_encapcheck,
+		    &in_stf_protosw, sc);
+		if (p == NULL) {
+			printf("%s: attach failed\n", if_name(&sc->sc_if));
+			continue;
+		}
+		sc->encap_cookie = p;
+
+		sc->sc_if.if_mtu    = IPV6_MMTU;
+		sc->sc_if.if_flags  = 0;
+		sc->sc_if.if_ioctl  = stf_ioctl;
+		sc->sc_if.if_output = stf_output;
+		sc->sc_if.if_type   = IFT_STF;
+		sc->sc_if.if_snd.ifq_maxlen = IFQ_MAXLEN;
+		if_attach(&sc->sc_if);
+#if NBPFILTER > 0
+#ifdef HAVE_OLD_BPF
+		bpfattach(&sc->sc_if, DLT_NULL, sizeof(u_int));
+#else
+		bpfattach(&sc->sc_if.if_bpf, &sc->sc_if, DLT_NULL, sizeof(u_int));
+#endif
+#endif
+	}
+}
+
+PSEUDO_SET(stfattach, if_stf);
+
+static int
+stf_encapcheck(m, off, proto, arg)
+	const struct mbuf *m;
+	int off;
+	int proto;
+	void *arg;
+{
+	struct ip ip;
+	struct in6_ifaddr *ia6;
+	struct stf_softc *sc;
+	struct in_addr a, b;
+
+	sc = (struct stf_softc *)arg;
+	if (sc == NULL)
+		return 0;
+
+	if ((sc->sc_if.if_flags & IFF_UP) == 0)
+		return 0;
+
+	if (proto != IPPROTO_IPV6)
+		return 0;
+
+	/* LINTED const cast */
+	m_copydata((struct mbuf *)m, 0, sizeof(ip), (caddr_t)&ip);
+
+	if (ip.ip_v != 4)
+		return 0;
+
+	ia6 = stf_getsrcifa6(&sc->sc_if);
+	if (ia6 == NULL)
+		return 0;
+
+	/*
+	 * check if IPv4 dst matches the IPv4 address derived from the
+	 * local 6to4 address.
+	 * success on: dst = 10.1.1.1, ia6->ia_addr = 2002:0a01:0101:...
+	 */
+	if (bcmp(GET_V4(&ia6->ia_addr.sin6_addr), &ip.ip_dst,
+	    sizeof(ip.ip_dst)) != 0)
+		return 0;
+
+	/*
+	 * check if IPv4 src matches the IPv4 address derived from the
+	 * local 6to4 address masked by prefixmask.
+	 * success on: src = 10.1.1.1, ia6->ia_addr = 2002:0a00:.../24
+	 * fail on: src = 10.1.1.1, ia6->ia_addr = 2002:0b00:.../24
+	 */
+	bzero(&a, sizeof(a));
+	a.s_addr = GET_V4(&ia6->ia_addr.sin6_addr)->s_addr;
+	a.s_addr &= GET_V4(&ia6->ia_prefixmask.sin6_addr)->s_addr;
+	b = ip.ip_src;
+	b.s_addr &= GET_V4(&ia6->ia_prefixmask.sin6_addr)->s_addr;
+	if (a.s_addr != b.s_addr)
+		return 0;
+
+	/* stf interface makes single side match only */
+	return 32;
+}
+
+static struct in6_ifaddr *
+stf_getsrcifa6(ifp)
+	struct ifnet *ifp;
+{
+	struct ifaddr *ia;
+	struct in_ifaddr *ia4;
+	struct sockaddr_in6 *sin6;
+	struct in_addr in;
+
+	for (ia = ifp->if_addrlist.tqh_first;
+	     ia;
+	     ia = ia->ifa_list.tqe_next)
+	{
+		if (ia->ifa_addr == NULL)
+			continue;
+		if (ia->ifa_addr->sa_family != AF_INET6)
+			continue;
+		sin6 = (struct sockaddr_in6 *)ia->ifa_addr;
+		if (!IN6_IS_ADDR_6TO4(&sin6->sin6_addr))
+			continue;
+
+		bcopy(GET_V4(&sin6->sin6_addr), &in, sizeof(in));
+		for (ia4 = TAILQ_FIRST(&in_ifaddrhead);
+		     ia4;
+		     ia4 = TAILQ_NEXT(ia4, ia_link))
+		{
+			if (ia4->ia_addr.sin_addr.s_addr == in.s_addr)
+				break;
+		}
+		if (ia4 == NULL)
+			continue;
+
+		return (struct in6_ifaddr *)ia;
+	}
+
+	return NULL;
+}
+
+#ifndef offsetof
+#define offsetof(s, e) ((int)&((s *)0)->e)
+#endif
+
+static int
+stf_output(ifp, m, dst, rt)
+	struct ifnet *ifp;
+	struct mbuf *m;
+	struct sockaddr *dst;
+	struct rtentry *rt;
+{
+	struct stf_softc *sc;
+	struct sockaddr_in6 *dst6;
+	struct sockaddr_in *dst4;
+	u_int8_t tos;
+	struct ip *ip;
+	struct ip6_hdr *ip6;
+	struct in6_ifaddr *ia6;
+
+	sc = (struct stf_softc*)ifp;
+	dst6 = (struct sockaddr_in6 *)dst;
+
+	/* just in case */
+	if ((ifp->if_flags & IFF_UP) == 0) {
+		m_freem(m);
+		return ENETDOWN;
+	}
+
+	/*
+	 * If we don't have an ip4 address that match my inner ip6 address,
+	 * we shouldn't generate output.  Without this check, we'll end up
+	 * using wrong IPv4 source.
+	 */
+	ia6 = stf_getsrcifa6(ifp);
+	if (ia6 == NULL) {
+		m_freem(m);
+		return ENETDOWN;
+	}
+
+	if (m->m_len < sizeof(*ip6)) {
+		m = m_pullup(m, sizeof(*ip6));
+		if (!m)
+			return ENOBUFS;
+	}
+	ip6 = mtod(m, struct ip6_hdr *);
+	tos = (ntohl(ip6->ip6_flow) >> 20) & 0xff;
+
+	M_PREPEND(m, sizeof(struct ip), M_DONTWAIT);
+	if (m && m->m_len < sizeof(struct ip))
+		m = m_pullup(m, sizeof(struct ip));
+	if (m == NULL)
+		return ENOBUFS;
+	ip = mtod(m, struct ip *);
+
+	bzero(ip, sizeof(*ip));
+
+	bcopy(GET_V4(&((struct sockaddr_in6 *)&ia6->ia_addr)->sin6_addr),
+	    &ip->ip_src, sizeof(ip->ip_src));
+	bcopy(GET_V4(&dst6->sin6_addr), &ip->ip_dst, sizeof(ip->ip_dst));
+	ip->ip_p = IPPROTO_IPV6;
+	ip->ip_ttl = ip_gif_ttl;	/*XXX*/
+	ip->ip_len = m->m_pkthdr.len;	/*host order*/
+	if (ifp->if_flags & IFF_LINK1)
+		ip_ecn_ingress(ECN_ALLOWED, &ip->ip_tos, &tos);
+
+	dst4 = (struct sockaddr_in *)&sc->sc_ro.ro_dst;
+	if (dst4->sin_family != AF_INET ||
+	    bcmp(&dst4->sin_addr, &ip->ip_dst, sizeof(ip->ip_dst)) != 0) {
+		/* cache route doesn't match */
+		dst4->sin_family = AF_INET;
+		dst4->sin_len = sizeof(struct sockaddr_in);
+		bcopy(&ip->ip_dst, &dst4->sin_addr, sizeof(dst4->sin_addr));
+		if (sc->sc_ro.ro_rt) {
+			RTFREE(sc->sc_ro.ro_rt);
+			sc->sc_ro.ro_rt = NULL;
+		}
+	}
+
+	if (sc->sc_ro.ro_rt == NULL) {
+		rtalloc(&sc->sc_ro);
+		if (sc->sc_ro.ro_rt == NULL) {
+			m_freem(m);
+			return ENETUNREACH;
+		}
+	}
+
+	return ip_output(m, NULL, &sc->sc_ro, 0, NULL);
+}
+
+static int
+stf_checkaddr4(in, ifp)
+	struct in_addr *in;
+	struct ifnet *ifp;	/* incoming interface */
+{
+	struct in_ifaddr *ia4;
+
+	/*
+	 * reject packets with the following address:
+	 * 224.0.0.0/4 0.0.0.0/8 127.0.0.0/8 255.0.0.0/8
+	 */
+	if (IN_MULTICAST(in->s_addr))
+		return -1;
+	switch ((ntohl(in->s_addr) & 0xff000000) >> 24) {
+	case 0: case 127: case 255:
+		return -1;
+	}
+
+	/*
+	 * reject packets with broadcast
+	 */
+	for (ia4 = TAILQ_FIRST(&in_ifaddrhead);
+	     ia4;
+	     ia4 = TAILQ_NEXT(ia4, ia_link))
+	{
+		if ((ia4->ia_ifa.ifa_ifp->if_flags & IFF_BROADCAST) == 0)
+			continue;
+		if (in->s_addr == ia4->ia_broadaddr.sin_addr.s_addr)
+			return -1;
+	}
+
+	/*
+	 * perform ingress filter
+	 */
+	if (ifp) {
+		struct sockaddr_in sin;
+		struct rtentry *rt;
+
+		bzero(&sin, sizeof(sin));
+		sin.sin_family = AF_INET;
+		sin.sin_len = sizeof(struct sockaddr_in);
+		sin.sin_addr = *in;
+		rt = rtalloc1((struct sockaddr *)&sin, 0, 0UL);
+		if (!rt)
+			return -1;
+		if (rt->rt_ifp != ifp) {
+			rtfree(rt);
+			return -1;
+		}
+		rtfree(rt);
+	}
+
+	return 0;
+}
+
+static int
+stf_checkaddr6(in6, ifp)
+	struct in6_addr *in6;
+	struct ifnet *ifp;	/* incoming interface */
+{
+	/*
+	 * check 6to4 addresses
+	 */
+	if (IN6_IS_ADDR_6TO4(in6))
+		return stf_checkaddr4(GET_V4(in6), ifp);
+
+	/*
+	 * reject anything that look suspicious.  the test is implemented
+	 * in ip6_input too, but we check here as well to
+	 * (1) reject bad packets earlier, and
+	 * (2) to be safe against future ip6_input change.
+	 */
+	if (IN6_IS_ADDR_V4COMPAT(in6) || IN6_IS_ADDR_V4MAPPED(in6))
+		return -1;
+
+	return 0;
+}
+
+void
+#if __STDC__
+in_stf_input(struct mbuf *m, ...)
+#else
+in_stf_input(m, va_alist)
+	register struct mbuf *m;
+#endif
+{
+	int off, proto;
+	struct stf_softc *sc;
+	struct ip *ip;
+	struct ip6_hdr *ip6;
+	u_int8_t otos, itos;
+	int s, isr;
+	struct ifqueue *ifq = NULL;
+	struct ifnet *ifp;
+	va_list ap;
+
+	va_start(ap, m);
+	off = va_arg(ap, int);
+	proto = va_arg(ap, int);
+	va_end(ap);
+
+	if (proto != IPPROTO_IPV6) {
+		m_freem(m);
+		return;
+	}
+
+	ip = mtod(m, struct ip *);
+
+	sc = (struct stf_softc *)encap_getarg(m);
+
+	if (sc == NULL || (sc->sc_if.if_flags & IFF_UP) == 0) {
+		m_freem(m);
+		return;
+	}
+
+	ifp = &sc->sc_if;
+
+	/*
+	 * perform sanity check against outer src/dst.
+	 * for source, perform ingress filter as well.
+	 */
+	if (stf_checkaddr4(&ip->ip_dst, NULL) < 0 ||
+	    stf_checkaddr4(&ip->ip_src, m->m_pkthdr.rcvif) < 0) {
+		m_freem(m);
+		return;
+	}
+
+	otos = ip->ip_tos;
+	m_adj(m, off);
+
+	if (m->m_len < sizeof(*ip6)) {
+		m = m_pullup(m, sizeof(*ip6));
+		if (!m)
+			return;
+	}
+	ip6 = mtod(m, struct ip6_hdr *);
+
+	/*
+	 * perform sanity check against inner src/dst.
+	 * for source, perform ingress filter as well.
+	 */
+	if (stf_checkaddr6(&ip6->ip6_dst, NULL) < 0 ||
+	    stf_checkaddr6(&ip6->ip6_src, m->m_pkthdr.rcvif) < 0) {
+		m_freem(m);
+		return;
+	}
+
+	itos = (ntohl(ip6->ip6_flow) >> 20) & 0xff;
+	if ((ifp->if_flags & IFF_LINK1) != 0)
+		ip_ecn_egress(ECN_ALLOWED, &otos, &itos);
+	ip6->ip6_flow &= ~htonl(0xff << 20);
+	ip6->ip6_flow |= htonl((u_int32_t)itos << 20);
+
+	m->m_pkthdr.rcvif = ifp;
+	
+#if NBPFILTER > 0
+	if (ifp->if_bpf) {
+		/*
+		 * We need to prepend the address family as
+		 * a four byte field.  Cons up a dummy header
+		 * to pacify bpf.  This is safe because bpf
+		 * will only read from the mbuf (i.e., it won't
+		 * try to free it or keep a pointer a to it).
+		 */
+		struct mbuf m0;
+		u_int af = AF_INET6;
+		
+		m0.m_next = m;
+		m0.m_len = 4;
+		m0.m_data = (char *)&af;
+		
+#ifdef HAVE_OLD_BPF
+		bpf_mtap(ifp, &m0);
+#else
+		bpf_mtap(ifp->if_bpf, &m0);
+#endif
+	}
+#endif /*NBPFILTER > 0*/
+
+	/*
+	 * Put the packet to the network layer input queue according to the
+	 * specified address family.
+	 * See net/if_gif.c for possible issues with packet processing
+	 * reorder due to extra queueing.
+	 */
+	ifq = &ip6intrq;
+	isr = NETISR_IPV6;
+
+	s = splimp();
+	if (IF_QFULL(ifq)) {
+		IF_DROP(ifq);	/* update statistics */
+		m_freem(m);
+		splx(s);
+		return;
+	}
+	IF_ENQUEUE(ifq, m);
+	schednetisr(isr);
+	ifp->if_ipackets++;
+	ifp->if_ibytes += m->m_pkthdr.len;
+	splx(s);
+}
+
+/* ARGSUSED */
+static void
+stf_rtrequest(cmd, rt, sa)
+	int cmd;
+	struct rtentry *rt;
+#if defined(__bsdi__) && _BSDI_VERSION >= 199802
+	struct rt_addrinfo *sa;
+#else
+	struct sockaddr *sa;
+#endif
+{
+
+	if (rt)
+		rt->rt_rmx.rmx_mtu = IPV6_MMTU;
+}
+
+static int
+stf_ioctl(ifp, cmd, data)
+	struct ifnet *ifp;
+	u_long cmd;
+	caddr_t data;
+{
+	struct ifaddr *ifa;
+	struct ifreq *ifr;
+	struct sockaddr_in6 *sin6;
+	int error;
+
+	error = 0;
+	switch (cmd) {
+	case SIOCSIFADDR:
+		ifa = (struct ifaddr *)data;
+		if (ifa == NULL || ifa->ifa_addr->sa_family != AF_INET6) {
+			error = EAFNOSUPPORT;
+			break;
+		}
+		sin6 = (struct sockaddr_in6 *)ifa->ifa_addr;
+		if (IN6_IS_ADDR_6TO4(&sin6->sin6_addr)) {
+			ifa->ifa_rtrequest = stf_rtrequest;
+			ifp->if_flags |= IFF_UP;
+		} else
+			error = EINVAL;
+		break;
+
+	case SIOCADDMULTI:
+	case SIOCDELMULTI:
+		ifr = (struct ifreq *)data;
+		if (ifr && ifr->ifr_addr.sa_family == AF_INET6)
+			;
+		else
+			error = EAFNOSUPPORT;
+		break;
+
+	default:
+		error = EINVAL;
+		break;
+	}
+
+	return error;
+}
+
+#endif /* NSTF > 0 */
diff --git a/sys/net/if_stf.h b/sys/net/if_stf.h
new file mode 100644
index 0000000..258f3a0
--- /dev/null
+++ b/sys/net/if_stf.h
@@ -0,0 +1,38 @@
+/*	$FreeBSD$	*/
+/*	$KAME: if_stf.h,v 1.3 2000/03/25 07:23:33 sumikawa Exp $	*/
+
+/*
+ * Copyright (C) 2000 WIDE Project.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. Neither the name of the project nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifndef _NET_IF_STF_H_
+#define _NET_IF_STF_H_
+
+void in_stf_input __P((struct mbuf *, ...));
+
+#endif /* _NET_IF_STF_H_ */
diff --git a/sys/net/if_types.h b/sys/net/if_types.h
index 318b356..13cdcdd 100644
--- a/sys/net/if_types.h
+++ b/sys/net/if_types.h
@@ -99,5 +99,6 @@
 #define	IFT_PROPMUX	0x36		/* Proprietary Multiplexing */
 #define	IFT_GIF		0x37
 #define	IFT_FAITH	0x38
+#define	IFT_STF		0x39
 
 #endif
diff --git a/sys/net/net_osdep.c b/sys/net/net_osdep.c
index 03e40f3..02000f6 100644
--- a/sys/net/net_osdep.c
+++ b/sys/net/net_osdep.c
@@ -1,3 +1,6 @@
+/*	$FreeBSD$	*/
+/*	$KAME: net_osdep.c,v 1.4 2000/03/25 07:23:34 sumikawa Exp $	*/
+
 /*
  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
  * All rights reserved.
@@ -25,8 +28,6 @@
  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
- *
- * $FreeBSD$
  */
 
 #include <sys/param.h>
@@ -44,6 +45,7 @@
 #include <net/netisr.h>
 #include <net/route.h>
 #include <net/bpf.h>
+
 #include <net/net_osdep.h>
 
 const char *
diff --git a/sys/net/net_osdep.h b/sys/net/net_osdep.h
index 11fc27c..47f5216 100644
--- a/sys/net/net_osdep.h
+++ b/sys/net/net_osdep.h
@@ -1,3 +1,6 @@
+/*	$FreeBSD$	*/
+/*	$KAME: net_osdep.h,v 1.21 2000/07/02 23:34:38 itojun Exp $	*/
+
 /*
  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
  * All rights reserved.
@@ -25,8 +28,6 @@
  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
- *
- * $FreeBSD$
  */
 /*
  * glue for kernel code programming differences.
@@ -35,11 +36,25 @@
 /*
  * OS dependencies:
  *
+ * - struct rt_addrinfo
+ *   all *BSDs except bsdi4 only have two members; rti_addrs and rti_info[].
+ *   bsdi4 has additional members; rti_flags, rti_ifa, rti_ifp, and rti_rtm.
+ *
+ * - side effects of rtrequest[1](RTM_DELETE)
+ *	BSDI[34]: delete all cloned routes underneath the route.
+ *	FreeBSD[234]: delete all protocol-cloned routes underneath the route.
+ *		      note that cloned routes from an interface direct route
+ *		      still remain.
+ *	NetBSD, OpenBSD: no side effects.
  * - privileged process
  *	NetBSD, FreeBSD 3
  *		struct proc *p;
  *		if (p && !suser(p->p_ucred, &p->p_acflag))
  *			privileged;
+ *	FreeBSD 4
+ *		struct proc *p;
+ *		if (p && !suser(p))
+ *			privileged;
  *	OpenBSD, BSDI [34], FreeBSD 2
  *		struct socket *so;
  *		if (so->so_state & SS_PRIV)
@@ -76,7 +91,7 @@
  *	NetBSD, OpenBSD, BSDI [34], FreeBSD 2
  *		timeout() is a void function
  *	FreeBSD 3
- *		timeout() is non-void, must keep returned value for untimeuot()
+ *		timeout() is non-void, must keep returned value for untimeout()
  * - sysctl
  *	NetBSD, OpenBSD
  *		foo_sysctl()
@@ -106,16 +121,45 @@
  *
  * - dtom()
  *	NEVER USE IT!
+ *
+ * - struct ifnet for loopback interface
+ *	BSDI3: struct ifnet loif;
+ *	BSDI4: struct ifnet *loifp;
+ *	NetBSD, OpenBSD, FreeBSD2: struct ifnet loif[NLOOP];
+ *
+ *	odd thing is that many of them refers loif as ifnet *loif,
+ *	not loif[NLOOP], from outside of if_loop.c.
+ *
+ * - number of bpf pseudo devices
+ *	others: bpfilter.h, NBPFILTER
+ *	FreeBSD4: bpf.h, NBPF
+ *	solution:
+ *		#if defined(__FreeBSD__) && __FreeBSD__ >= 4
+ *		#include "bpf.h"
+ *		#define NBPFILTER	NBPF
+ *		#else
+ *		#include "bpfilter.h"
+ *		#endif
+ *
+ * - protosw for IPv4 (sys/netinet)
+ *	FreeBSD4: struct ipprotosw in netinet/ipprotosw.h
+ *	others: struct protosw in sys/protosw.h
+ *
+ * - header files with defopt (opt_xx.h)
+ *	FreeBSD3: opt_{inet,ipsec,ip6fw,altq}.h
+ *	FreeBSD4: opt_{inet,inet6,ipsec,ip6fw,altq}.h
+ *	NetBSD: opt_{inet,ipsec,altq}.h
+ *	others: does not use defopt
  */
 
 #ifndef __NET_NET_OSDEP_H_DEFINED_
-#define	__NET_NET_OSDEP_H_DEFINED_
+#define __NET_NET_OSDEP_H_DEFINED_
 #ifdef _KERNEL
 
 struct ifnet;
-extern const	char *if_name __P((struct ifnet *));
+extern const char *if_name __P((struct ifnet *));
 
-#define	HAVE_OLD_BPF
+#define HAVE_OLD_BPF
 
 #endif /*_KERNEL*/
 #endif /*__NET_NET_OSDEP_H_DEFINED_ */
diff --git a/sys/net/pfkeyv2.h b/sys/net/pfkeyv2.h
index e8831f7..4c41c80 100644
--- a/sys/net/pfkeyv2.h
+++ b/sys/net/pfkeyv2.h
@@ -1,3 +1,6 @@
+/*	$FreeBSD$	*/
+/*	$KAME: pfkeyv2.h,v 1.17 2000/06/22 08:38:33 sakane Exp $	*/
+
 /*
  * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
  * All rights reserved.
@@ -25,12 +28,8 @@
  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
- *
- * $FreeBSD$
  */
 
-/* $Id: keyv2.h,v 1.1.6.1.6.4 1999/06/08 05:33:39 itojun Exp $ */
-
 /*
  * This file has been derived rfc 2367,
  * And added some flags of SADB_KEY_FLAGS_ as SADB_X_EXT_.
@@ -38,7 +37,7 @@
  */
 
 #ifndef _NET_PFKEYV2_H_
-#define	_NET_PFKEYV2_H_
+#define _NET_PFKEYV2_H_
 
 /*
 This file defines structures and symbols for the PF_KEY Version 2
@@ -47,177 +46,187 @@ Laboratory. This file is in the public domain. The authors ask that
 you leave this credit intact on any copies of this file.
 */
 #ifndef __PFKEY_V2_H
-#define	__PFKEY_V2_H 1
-
-#define	PF_KEY_V2 2
-#define	PFKEYV2_REVISION        199806L
-
-#define	SADB_RESERVED    0
-#define	SADB_GETSPI      1
-#define	SADB_UPDATE      2
-#define	SADB_ADD         3
-#define	SADB_DELETE      4
-#define	SADB_GET         5
-#define	SADB_ACQUIRE     6
-#define	SADB_REGISTER    7
-#define	SADB_EXPIRE      8
-#define	SADB_FLUSH       9
-#define	SADB_DUMP        10
-#define	SADB_X_PROMISC   11
-#define	SADB_X_PCHANGE   12
-
-#define	SADB_X_SPDUPDATE  13	/* not yet */
-#define	SADB_X_SPDADD     14
-#define	SADB_X_SPDDELETE  15
-#define	SADB_X_SPDGET     16	/* not yet */
-#define	SADB_X_SPDACQUIRE 17	/* not yet */
-#define	SADB_X_SPDDUMP    18
-#define	SADB_X_SPDFLUSH   19
-#define	SADB_MAX          19
+#define __PFKEY_V2_H 1
+
+#define PF_KEY_V2 2
+#define PFKEYV2_REVISION        199806L
+
+#define SADB_RESERVED    0
+#define SADB_GETSPI      1
+#define SADB_UPDATE      2
+#define SADB_ADD         3
+#define SADB_DELETE      4
+#define SADB_GET         5
+#define SADB_ACQUIRE     6
+#define SADB_REGISTER    7
+#define SADB_EXPIRE      8
+#define SADB_FLUSH       9
+#define SADB_DUMP        10
+#define SADB_X_PROMISC   11
+#define SADB_X_PCHANGE   12
+
+#define SADB_X_SPDUPDATE  13
+#define SADB_X_SPDADD     14
+#define SADB_X_SPDDELETE  15	/* by policy index */
+#define SADB_X_SPDGET     16
+#define SADB_X_SPDACQUIRE 17
+#define SADB_X_SPDDUMP    18
+#define SADB_X_SPDFLUSH   19
+#define SADB_X_SPDSETIDX  20
+#define SADB_X_SPDEXPIRE  21	/* not yet */
+#define SADB_X_SPDDELETE2 22	/* by policy id */
+#define SADB_MAX          22
 
 struct sadb_msg {
-	u_int8_t	sadb_msg_version;
-	u_int8_t	sadb_msg_type;
-	u_int8_t	sadb_msg_errno;
-	u_int8_t	sadb_msg_satype;
-	u_int16_t	sadb_msg_len;
-	u_int8_t	sadb_msg_mode;	/* XXX */
-	u_int8_t	sadb_msg_reserved;
-	u_int32_t	sadb_msg_seq;
-	u_int32_t	sadb_msg_pid;
+  u_int8_t sadb_msg_version;
+  u_int8_t sadb_msg_type;
+  u_int8_t sadb_msg_errno;
+  u_int8_t sadb_msg_satype;
+  u_int16_t sadb_msg_len;
+  u_int16_t sadb_msg_reserved;
+  u_int32_t sadb_msg_seq;
+  u_int32_t sadb_msg_pid;
 };
 
 struct sadb_ext {
-	u_int16_t	sadb_ext_len;
-	u_int16_t	sadb_ext_type;
+  u_int16_t sadb_ext_len;
+  u_int16_t sadb_ext_type;
 };
 
 struct sadb_sa {
-	u_int16_t	sadb_sa_len;
-	u_int16_t	sadb_sa_exttype;
-	u_int32_t	sadb_sa_spi;
-	u_int8_t	sadb_sa_replay;
-	u_int8_t	sadb_sa_state;
-	u_int8_t	sadb_sa_auth;
-	u_int8_t	sadb_sa_encrypt;
-	u_int32_t	sadb_sa_flags;
+  u_int16_t sadb_sa_len;
+  u_int16_t sadb_sa_exttype;
+  u_int32_t sadb_sa_spi;
+  u_int8_t sadb_sa_replay;
+  u_int8_t sadb_sa_state;
+  u_int8_t sadb_sa_auth;
+  u_int8_t sadb_sa_encrypt;
+  u_int32_t sadb_sa_flags;
 };
 
 struct sadb_lifetime {
-	u_int16_t	sadb_lifetime_len;
-	u_int16_t	sadb_lifetime_exttype;
-	u_int32_t	sadb_lifetime_allocations;
-	u_int64_t	sadb_lifetime_bytes;
-	u_int64_t	sadb_lifetime_addtime;
-	u_int64_t	sadb_lifetime_usetime;
+  u_int16_t sadb_lifetime_len;
+  u_int16_t sadb_lifetime_exttype;
+  u_int32_t sadb_lifetime_allocations;
+  u_int64_t sadb_lifetime_bytes;
+  u_int64_t sadb_lifetime_addtime;
+  u_int64_t sadb_lifetime_usetime;
 };
 
 struct sadb_address {
-	u_int16_t	sadb_address_len;
-	u_int16_t	sadb_address_exttype;
-	u_int8_t	sadb_address_proto;
-	u_int8_t	sadb_address_prefixlen;
-	u_int16_t	sadb_address_reserved;
+  u_int16_t sadb_address_len;
+  u_int16_t sadb_address_exttype;
+  u_int8_t sadb_address_proto;
+  u_int8_t sadb_address_prefixlen;
+  u_int16_t sadb_address_reserved;
 };
 
 struct sadb_key {
-	u_int16_t	sadb_key_len;
-	u_int16_t	sadb_key_exttype;
-	u_int16_t	sadb_key_bits;
-	u_int16_t	sadb_key_reserved;
+  u_int16_t sadb_key_len;
+  u_int16_t sadb_key_exttype;
+  u_int16_t sadb_key_bits;
+  u_int16_t sadb_key_reserved;
 };
 
 struct sadb_ident {
-	u_int16_t	sadb_ident_len;
-	u_int16_t	sadb_ident_exttype;
-	u_int16_t	sadb_ident_type;
-	u_int16_t	sadb_ident_reserved;
-	u_int64_t	sadb_ident_id;
-};
-/* in order to use to divide sadb_ident.sadb_ident_id */
-union sadb_x_ident_id {
-	u_int64_t	sadb_x_ident_id;
-	struct	_sadb_x_ident_id_addr {
-		u_int16_t	prefix;
-		u_int16_t	ul_proto;
-		u_int32_t	reserved;
-	} sadb_x_ident_id_addr;
+  u_int16_t sadb_ident_len;
+  u_int16_t sadb_ident_exttype;
+  u_int16_t sadb_ident_type;
+  u_int16_t sadb_ident_reserved;
+  u_int64_t sadb_ident_id;
 };
 
 struct sadb_sens {
-	u_int16_t	sadb_sens_len;
-	u_int16_t	sadb_sens_exttype;
-	u_int32_t	sadb_sens_dpd;
-	u_int8_t	sadb_sens_sens_level;
-	u_int8_t	sadb_sens_sens_len;
-	u_int8_t	sadb_sens_integ_level;
-	u_int8_t	sadb_sens_integ_len;
-	u_int32_t	sadb_sens_reserved;
+  u_int16_t sadb_sens_len;
+  u_int16_t sadb_sens_exttype;
+  u_int32_t sadb_sens_dpd;
+  u_int8_t sadb_sens_sens_level;
+  u_int8_t sadb_sens_sens_len;
+  u_int8_t sadb_sens_integ_level;
+  u_int8_t sadb_sens_integ_len;
+  u_int32_t sadb_sens_reserved;
 };
 
 struct sadb_prop {
-	u_int16_t	sadb_prop_len;
-	u_int16_t	sadb_prop_exttype;
-	u_int8_t	sadb_prop_replay;
-	u_int8_t	sadb_prop_reserved[3];
+  u_int16_t sadb_prop_len;
+  u_int16_t sadb_prop_exttype;
+  u_int8_t sadb_prop_replay;
+  u_int8_t sadb_prop_reserved[3];
 };
 
 struct sadb_comb {
-	u_int8_t	sadb_comb_auth;
-	u_int8_t	sadb_comb_encrypt;
-	u_int16_t	sadb_comb_flags;
-	u_int16_t	sadb_comb_auth_minbits;
-	u_int16_t	sadb_comb_auth_maxbits;
-	u_int16_t	sadb_comb_encrypt_minbits;
-	u_int16_t	sadb_comb_encrypt_maxbits;
-	u_int32_t	sadb_comb_reserved;
-	u_int32_t	sadb_comb_soft_allocations;
-	u_int32_t	sadb_comb_hard_allocations;
-	u_int64_t	sadb_comb_soft_bytes;
-	u_int64_t	sadb_comb_hard_bytes;
-	u_int64_t	sadb_comb_soft_addtime;
-	u_int64_t	sadb_comb_hard_addtime;
-	u_int64_t	sadb_comb_soft_usetime;
-	u_int64_t	sadb_comb_hard_usetime;
+  u_int8_t sadb_comb_auth;
+  u_int8_t sadb_comb_encrypt;
+  u_int16_t sadb_comb_flags;
+  u_int16_t sadb_comb_auth_minbits;
+  u_int16_t sadb_comb_auth_maxbits;
+  u_int16_t sadb_comb_encrypt_minbits;
+  u_int16_t sadb_comb_encrypt_maxbits;
+  u_int32_t sadb_comb_reserved;
+  u_int32_t sadb_comb_soft_allocations;
+  u_int32_t sadb_comb_hard_allocations;
+  u_int64_t sadb_comb_soft_bytes;
+  u_int64_t sadb_comb_hard_bytes;
+  u_int64_t sadb_comb_soft_addtime;
+  u_int64_t sadb_comb_hard_addtime;
+  u_int64_t sadb_comb_soft_usetime;
+  u_int64_t sadb_comb_hard_usetime;
 };
 
 struct sadb_supported {
-	u_int16_t	sadb_supported_len;
-	u_int16_t	sadb_supported_exttype;
-	u_int32_t	sadb_supported_reserved;
+  u_int16_t sadb_supported_len;
+  u_int16_t sadb_supported_exttype;
+  u_int32_t sadb_supported_reserved;
 };
 
 struct sadb_alg {
-	u_int8_t	sadb_alg_id;
-	u_int8_t	sadb_alg_ivlen;
-	u_int16_t	sadb_alg_minbits;
-	u_int16_t	sadb_alg_maxbits;
-	u_int16_t	sadb_alg_reserved;
+  u_int8_t sadb_alg_id;
+  u_int8_t sadb_alg_ivlen;
+  u_int16_t sadb_alg_minbits;
+  u_int16_t sadb_alg_maxbits;
+  u_int16_t sadb_alg_reserved;
 };
 
 struct sadb_spirange {
-	u_int16_t	sadb_spirange_len;
-	u_int16_t	sadb_spirange_exttype;
-	u_int32_t	sadb_spirange_min;
-	u_int32_t	sadb_spirange_max;
-	u_int32_t	sadb_spirange_reserved;
+  u_int16_t sadb_spirange_len;
+  u_int16_t sadb_spirange_exttype;
+  u_int32_t sadb_spirange_min;
+  u_int32_t sadb_spirange_max;
+  u_int32_t sadb_spirange_reserved;
 };
 
 struct sadb_x_kmprivate {
-	u_int16_t	sadb_x_kmprivate_len;
-	u_int16_t	sadb_x_kmprivate_exttype;
-	u_int32_t	sadb_x_kmprivate_reserved;
+  u_int16_t sadb_x_kmprivate_len;
+  u_int16_t sadb_x_kmprivate_exttype;
+  u_int32_t sadb_x_kmprivate_reserved;
+};
+
+/*
+ * XXX Additional SA Extension.
+ * mode: tunnel or transport
+ * reqid: to make SA unique nevertheless the address pair of SA are same.
+ *        Mainly it's for VPN.
+ */
+struct sadb_x_sa2 {
+  u_int16_t sadb_x_sa2_len;
+  u_int16_t sadb_x_sa2_exttype;
+  u_int8_t sadb_x_sa2_mode;
+  u_int8_t sadb_x_sa2_reserved1;
+  u_int16_t sadb_x_sa2_reserved2;
+  u_int32_t sadb_x_sa2_reserved3;
+  u_int32_t sadb_x_sa2_reqid;
 };
 
 /* XXX Policy Extension */
-/* sizeof(struct sadb_x_policy) == 8 */
+/* sizeof(struct sadb_x_policy) == 16 */
 struct sadb_x_policy {
-	u_int16_t	sadb_x_policy_len;
-	u_int16_t	sadb_x_policy_exttype;
-	/* See policy type of ipsec.h */
-	u_int16_t	sadb_x_policy_type;
-	u_int8_t	sadb_x_policy_dir;	/* direction, see ipsec.h */
-	u_int8_t	sadb_x_policy_reserved;
+  u_int16_t sadb_x_policy_len;
+  u_int16_t sadb_x_policy_exttype;
+  u_int16_t sadb_x_policy_type;		/* See policy type of ipsec.h */
+  u_int8_t sadb_x_policy_dir;		/* direction, see ipsec.h */
+  u_int8_t sadb_x_policy_reserved;
+  u_int32_t sadb_x_policy_id;
+  u_int32_t sadb_x_policy_reserved2;
 };
 /*
  * When policy_type == IPSEC, it is followed by some of
@@ -231,190 +240,143 @@ struct sadb_x_policy {
  * This structure is aligned 8 bytes.
  */
 struct sadb_x_ipsecrequest {
-	u_int16_t	sadb_x_ipsecrequest_len;
-				/* structure length aligned to 8 bytes.
-				 * This value is true length of bytes.
-				 * Not in units of 64 bits. */
-	u_int16_t	sadb_x_ipsecrequest_proto;	/* See ipsec.h */
-	/* See ipsec.h. Not SADB_SATYPE_XX */
-	u_int16_t	sadb_x_ipsecrequest_mode;
-	u_int16_t	sadb_x_ipsecrequest_level;	/* See ipsec.h */
-
-	/*
-	 * followed by source IP address of SA, and immediately followed by
-	 * destination IP address of SA.  These encoded into two of sockaddr
-	 * structure without any padding.  Must set each sa_len exactly.
-	 * Each of length of the sockaddr structure are not aligned to 64bits,
-	 * but sum of x_request and addresses is aligned to 64bits.
-	 */
+  u_int16_t sadb_x_ipsecrequest_len;	/* structure length aligned to 8 bytes.
+					 * This value is true length of bytes.
+					 * Not in units of 64 bits. */
+  u_int16_t sadb_x_ipsecrequest_proto;	/* See ipsec.h */
+  u_int8_t sadb_x_ipsecrequest_mode;	/* See IPSEC_MODE_XX in ipsec.h. */
+  u_int8_t sadb_x_ipsecrequest_level;	/* See IPSEC_LEVEL_XX in ipsec.h */
+  u_int16_t sadb_x_ipsecrequest_reqid;	/* See ipsec.h */
+
+  /*
+   * followed by source IP address of SA, and immediately followed by
+   * destination IP address of SA.  These encoded into two of sockaddr
+   * structure without any padding.  Must set each sa_len exactly.
+   * Each of length of the sockaddr structure are not aligned to 64bits,
+   * but sum of x_request and addresses is aligned to 64bits.
+   */
 };
 
-#define	SADB_EXT_RESERVED             0
-#define	SADB_EXT_SA                   1
-#define	SADB_EXT_LIFETIME_CURRENT     2
-#define	SADB_EXT_LIFETIME_HARD        3
-#define	SADB_EXT_LIFETIME_SOFT        4
-#define	SADB_EXT_ADDRESS_SRC          5
-#define	SADB_EXT_ADDRESS_DST          6
-#define	SADB_EXT_ADDRESS_PROXY        7
-#define	SADB_EXT_KEY_AUTH             8
-#define	SADB_EXT_KEY_ENCRYPT          9
-#define	SADB_EXT_IDENTITY_SRC         10
-#define	SADB_EXT_IDENTITY_DST         11
-#define	SADB_EXT_SENSITIVITY          12
-#define	SADB_EXT_PROPOSAL             13
-#define	SADB_EXT_SUPPORTED_AUTH       14
-#define	SADB_EXT_SUPPORTED_ENCRYPT    15
-#define	SADB_EXT_SPIRANGE             16
-#define	SADB_X_EXT_KMPRIVATE          17
-#define	SADB_X_EXT_POLICY             18
-#define	SADB_EXT_MAX                  18
-
-#define	SADB_SATYPE_UNSPEC	0
-#define	SADB_SATYPE_AH		2
-#define	SADB_SATYPE_ESP		3
-#define	SADB_SATYPE_RSVP	5
-#define	SADB_SATYPE_OSPFV2	6
-#define	SADB_SATYPE_RIPV2	7
-#define	SADB_SATYPE_MIP		8
-#define	SADB_X_SATYPE_IPCOMP	9
-#define	SADB_SATYPE_MAX		9
-
-#define	SADB_SASTATE_LARVAL   0
-#define	SADB_SASTATE_MATURE   1
-#define	SADB_SASTATE_DYING    2
-#define	SADB_SASTATE_DEAD     3
-#define	SADB_SASTATE_MAX      3	
-#define	SADB_SAFLAGS_PFS      1
-
-#define	SADB_AALG_NONE          0
-#define	SADB_AALG_MD5HMAC       1	/* 2 */
-#define	SADB_AALG_SHA1HMAC      2	/* 3 */
-#define	SADB_AALG_MD5           3       /* Keyed MD5 */
-#define	SADB_AALG_SHA           4       /* Keyed SHA */
-#define	SADB_AALG_NULL          5       /* null authentication */
-#define	SADB_AALG_MAX           6	
-
-#define	SADB_EALG_NONE          0
-#define	SADB_EALG_DESCBC        1	/* 2 */
-#define	SADB_EALG_3DESCBC       2	/* 3 */
-#define	SADB_EALG_NULL          3	/* 11 */
-#define	SADB_EALG_BLOWFISHCBC   4
-#define	SADB_EALG_CAST128CBC    5
-#define	SADB_EALG_RC5CBC        6
-#define	SADB_EALG_MAX           7
-
-/*nonstandard */
-#define	SADB_X_CALG_NONE	0
-#define	SADB_X_CALG_OUI		1
-#define	SADB_X_CALG_DEFLATE	2
-#define	SADB_X_CALG_LZS		3
-
-#define	SADB_IDENTTYPE_RESERVED   0
-#define	SADB_IDENTTYPE_PREFIX     1
-#define	SADB_IDENTTYPE_FQDN       2
-#define	SADB_IDENTTYPE_USERFQDN   3
-#define	SADB_X_IDENTTYPE_ADDR     4
-#define	SADB_IDENTTYPE_MAX        4
+#define SADB_EXT_RESERVED             0
+#define SADB_EXT_SA                   1
+#define SADB_EXT_LIFETIME_CURRENT     2
+#define SADB_EXT_LIFETIME_HARD        3
+#define SADB_EXT_LIFETIME_SOFT        4
+#define SADB_EXT_ADDRESS_SRC          5
+#define SADB_EXT_ADDRESS_DST          6
+#define SADB_EXT_ADDRESS_PROXY        7
+#define SADB_EXT_KEY_AUTH             8
+#define SADB_EXT_KEY_ENCRYPT          9
+#define SADB_EXT_IDENTITY_SRC         10
+#define SADB_EXT_IDENTITY_DST         11
+#define SADB_EXT_SENSITIVITY          12
+#define SADB_EXT_PROPOSAL             13
+#define SADB_EXT_SUPPORTED_AUTH       14
+#define SADB_EXT_SUPPORTED_ENCRYPT    15
+#define SADB_EXT_SPIRANGE             16
+#define SADB_X_EXT_KMPRIVATE          17
+#define SADB_X_EXT_POLICY             18
+#define SADB_X_EXT_SA2                19
+#define SADB_EXT_MAX                  19
+
+#define SADB_SATYPE_UNSPEC	0
+#define SADB_SATYPE_AH		2
+#define SADB_SATYPE_ESP		3
+#define SADB_SATYPE_RSVP	5
+#define SADB_SATYPE_OSPFV2	6
+#define SADB_SATYPE_RIPV2	7
+#define SADB_SATYPE_MIP		8
+#define SADB_X_SATYPE_IPCOMP	9
+#define SADB_X_SATYPE_POLICY	10
+#define SADB_SATYPE_MAX		11
+
+#define SADB_SASTATE_LARVAL   0
+#define SADB_SASTATE_MATURE   1
+#define SADB_SASTATE_DYING    2
+#define SADB_SASTATE_DEAD     3
+#define SADB_SASTATE_MAX      3
+
+#define SADB_SAFLAGS_PFS      1
+
+#define SADB_AALG_NONE          0
+#define SADB_AALG_MD5HMAC       1	/* 2 */
+#define SADB_AALG_SHA1HMAC      2	/* 3 */
+#define SADB_AALG_MD5           3       /* Keyed MD5 */
+#define SADB_AALG_SHA           4       /* Keyed SHA */
+#define SADB_AALG_NULL          5       /* null authentication */
+#define SADB_AALG_MAX           6
+
+#define SADB_EALG_NONE          0
+#define SADB_EALG_DESCBC        1	/* 2 */
+#define SADB_EALG_3DESCBC       2	/* 3 */
+#define SADB_EALG_NULL          3	/* 11 */
+#define SADB_EALG_BLOWFISHCBC   4
+#define SADB_EALG_CAST128CBC    5
+#define SADB_EALG_RC5CBC        6
+#define SADB_EALG_MAX           7
+
+#if 1	/*nonstandard */
+#define SADB_X_CALG_NONE	0
+#define SADB_X_CALG_OUI		1
+#define SADB_X_CALG_DEFLATE	2
+#define SADB_X_CALG_LZS		3
+#define SADB_X_CALG_MAX		4
+#endif
+
+#define SADB_IDENTTYPE_RESERVED   0
+#define SADB_IDENTTYPE_PREFIX     1
+#define SADB_IDENTTYPE_FQDN       2
+#define SADB_IDENTTYPE_USERFQDN   3
+#define SADB_X_IDENTTYPE_ADDR     4
+#define SADB_IDENTTYPE_MAX        4
 
 /* `flags' in sadb_sa structure holds followings */
-#define	SADB_X_EXT_NONE		0x0000	/* i.e. new format. */
-#define	SADB_X_EXT_OLD		0x0001	/* old format. */
+#define SADB_X_EXT_NONE		0x0000	/* i.e. new format. */
+#define SADB_X_EXT_OLD		0x0001	/* old format. */
 
-#define	SADB_X_EXT_IV4B		0x0010	/* IV length of 4 bytes in use */
-#define	SADB_X_EXT_DERIV	0x0020	/* DES derived */
-#define	SADB_X_EXT_CYCSEQ	0x0040	/* allowing to cyclic sequence. */
+#define SADB_X_EXT_IV4B		0x0010	/* IV length of 4 bytes in use */
+#define SADB_X_EXT_DERIV	0x0020	/* DES derived */
+#define SADB_X_EXT_CYCSEQ	0x0040	/* allowing to cyclic sequence. */
 
 	/* three of followings are exclusive flags each them */
-#define	SADB_X_EXT_PSEQ		0x0000	/* sequencial padding for ESP */
-#define	SADB_X_EXT_PRAND	0x0100	/* random padding for ESP */
-#define	SADB_X_EXT_PZERO	0x0200	/* zero padding for ESP */
-#define	SADB_X_EXT_PMASK	0x0300	/* mask for padding flag */
+#define SADB_X_EXT_PSEQ		0x0000	/* sequencial padding for ESP */
+#define SADB_X_EXT_PRAND	0x0100	/* random padding for ESP */
+#define SADB_X_EXT_PZERO	0x0200	/* zero padding for ESP */
+#define SADB_X_EXT_PMASK	0x0300	/* mask for padding flag */
 
-#define	SADB_X_EXT_RAWCPI	0x0080	/* use well known CPI (IPComp) */
+#if 1
+#define SADB_X_EXT_RAWCPI	0x0080	/* use well known CPI (IPComp) */
+#endif
 
-#define	SADB_KEY_FLAGS_MAX	0x0fff
+#define SADB_KEY_FLAGS_MAX	0x0fff
 
 /* SPI size for PF_KEYv2 */
-#define	PFKEY_SPI_SIZE	sizeof(u_int32_t)
+#define PFKEY_SPI_SIZE	sizeof(u_int32_t)
 
 /* Identifier for menber of lifetime structure */
-#define	SADB_X_LIFETIME_ALLOCATIONS	0
-#define	SADB_X_LIFETIME_BYTES		1
-#define	SADB_X_LIFETIME_ADDTIME		2
-#define	SADB_X_LIFETIME_USETIME		3
+#define SADB_X_LIFETIME_ALLOCATIONS	0
+#define SADB_X_LIFETIME_BYTES		1
+#define SADB_X_LIFETIME_ADDTIME		2
+#define SADB_X_LIFETIME_USETIME		3
 
 /* The rate for SOFT lifetime against HARD one. */
-#define	PFKEY_SOFT_LIFETIME_RATE	80
+#define PFKEY_SOFT_LIFETIME_RATE	80
 
 /* Utilities */
-#define	PFKEY_ALIGN8(a) (1 + (((a) - 1) | (8 - 1)))
+#define PFKEY_ALIGN8(a) (1 + (((a) - 1) | (8 - 1)))
 #define	PFKEY_EXTLEN(msg) \
 	PFKEY_UNUNIT64(((struct sadb_ext *)(msg))->sadb_ext_len)
-#define	PFKEY_ADDR_PREFIX(ext) \
+#define PFKEY_ADDR_PREFIX(ext) \
 	(((struct sadb_address *)(ext))->sadb_address_prefixlen)
-#define	PFKEY_ADDR_PROTO(ext) \
+#define PFKEY_ADDR_PROTO(ext) \
 	(((struct sadb_address *)(ext))->sadb_address_proto)
-#define	PFKEY_ADDR_SADDR(ext) \
+#define PFKEY_ADDR_SADDR(ext) \
 	((struct sockaddr *)((caddr_t)(ext) + sizeof(struct sadb_address)))
 
 /* in 64bits */
 #define	PFKEY_UNUNIT64(a)	((a) << 3)
 #define	PFKEY_UNIT64(a)		((a) >> 3)
 
-#ifndef _KERNEL
-struct	sockaddr;
-
-int	ipsec_check_keylen __P((u_int supported, u_int alg_id, u_int keylen));
-int	pfkey_align __P((struct sadb_msg *msg, caddr_t *mhp));
-int	pfkey_check __P((caddr_t *mhp));
-void	pfkey_close __P((int so));
-u_int	pfkey_get_softrate __P((u_int type));
-u_int	pfkey_set_softrate __P((u_int type, u_int rate));
-int	pfkey_open __P((void));
-struct	sadb_msg *pfkey_recv __P((int so));
-int	pfkey_recv_register __P((int so));
-int	pfkey_send_register __P((int so, u_int satype));
-void	pfkey_sadump __P((struct sadb_msg *m));
-void	pfkey_spdump __P((struct sadb_msg *m));
-int	pfkey_send __P((int so, struct sadb_msg *msg, int len));
-int	pfkey_send_add __P((int so, u_int satype, u_int mode,
-			    struct sockaddr *src, struct sockaddr *dst,
-			    u_int32_t spi, u_int wsize,	caddr_t keymat,
-			    u_int e_type, u_int e_keylen, u_int a_type,
-			    u_int a_keylen, u_int flags, u_int32_t l_alloc,
-			    u_int64_t l_bytes, u_int64_t l_addtime,
-			    u_int64_t l_usetime, u_int32_t seq));
-int	pfkey_send_delete __P((int so, u_int satype, u_int mode,
-			       struct sockaddr *src, struct sockaddr *dst,
-			       u_int32_t spi));
-int	pfkey_send_dump __P((int so, u_int satype));
-int	pfkey_send_flush __P((int so, u_int satype));
-int	pfkey_send_get __P((int so, u_int satype, u_int mode,
-			    struct sockaddr *src, struct sockaddr *dst,
-			    u_int32_t spi));
-int	pfkey_send_getspi __P((int so, u_int satype, u_int mode,
-			       struct sockaddr *src, struct sockaddr *dst,
-			       u_int32_t min, u_int32_t max, u_int32_t seq));
-int	pfkey_send_promisc_toggle __P((int so, int flag));
-int	pfkey_send_spdadd __P((int so, struct sockaddr *src, u_int prefs,
-			       struct sockaddr *dst, u_int prefd, u_int proto,
-			       caddr_t policy, int policylen, u_int32_t seq));
-int	pfkey_send_spddelete __P((int so, struct sockaddr *src, u_int prefs,
-				  struct sockaddr *dst, u_int prefd,
-				  u_int proto, u_int32_t seq));
-int	pfkey_send_spddump __P((int so));
-int	pfkey_send_spdflush __P((int so));
-int	pfkey_send_update __P((int so, u_int satype, u_int mode,
-			       struct sockaddr *src, struct sockaddr *dst,
-			       u_int32_t spi, u_int wsize, caddr_t keymat,
-			       u_int e_type, u_int e_keylen, u_int a_type,
-			       u_int a_keylen, u_int flags, u_int32_t l_alloc,
-			       u_int64_t l_bytes, u_int64_t l_addtime,
-			       u_int64_t l_usetime, u_int32_t seq));
-
-#endif /*!_KERNEL*/
-
-#endif /* !__PFKEY_V2_H */
-
-#endif /* !_NET_PFKEYV2_H_ */
+#endif /* __PFKEY_V2_H */
+
+#endif /* _NET_PFKEYV2_H_ */