1 files changed, 16 insertions, 2 deletions

diff --git a/sys/net/pfkeyv2.h b/sys/net/pfkeyv2.h
index c9b2769..c2cf568 100644
--- a/sys/net/pfkeyv2.h
+++ b/sys/net/pfkeyv2.h
@@ -223,9 +223,12 @@ struct sadb_x_policy {
   u_int16_t sadb_x_policy_exttype;
   u_int16_t sadb_x_policy_type;		/* See policy type of ipsec.h */
   u_int8_t sadb_x_policy_dir;		/* direction, see ipsec.h */
-  u_int8_t sadb_x_policy_reserved;
+  u_int8_t sadb_x_policy_scope;		/* scope, see ipsec.h */
   u_int32_t sadb_x_policy_id;
   u_int32_t sadb_x_policy_priority;
+#define	sadb_x_policy_reserved	sadb_x_policy_scope
+/* Policy with ifnet scope uses priority field to store ifindex */
+#define	sadb_x_policy_ifindex	sadb_x_policy_priority
 };
 _Static_assert(sizeof(struct sadb_x_policy) == 16, "struct size mismatch");
 
@@ -283,6 +286,14 @@ struct sadb_x_nat_t_frag {
 };
 _Static_assert(sizeof(struct sadb_x_nat_t_frag) == 8, "struct size mismatch");
 
+/* Additional large replay window support
+ */
+struct sadb_x_sa_replay {
+  u_int16_t sadb_x_sa_replay_len;
+  u_int16_t sadb_x_sa_replay_exttype;
+  u_int32_t sadb_x_sa_replay_replay;	/* in packets */
+};
+_Static_assert(sizeof(struct sadb_x_sa_replay) == 8, "struct size mismatch");
 
 #define SADB_EXT_RESERVED             0
 #define SADB_EXT_SA                   1
@@ -311,7 +322,10 @@ _Static_assert(sizeof(struct sadb_x_nat_t_frag) == 8, "struct size mismatch");
 #define SADB_X_EXT_NAT_T_OAI          23	/* Peer's NAT_OA for src of SA. */
 #define SADB_X_EXT_NAT_T_OAR          24	/* Peer's NAT_OA for dst of SA. */
 #define SADB_X_EXT_NAT_T_FRAG         25	/* Manual MTU override. */
-#define SADB_EXT_MAX                  25
+#define SADB_X_EXT_SA_REPLAY          26	/* Replay window override. */
+#define	SADB_X_EXT_NEW_ADDRESS_SRC    27
+#define	SADB_X_EXT_NEW_ADDRESS_DST    28
+#define	SADB_EXT_MAX                  28
 
 #define SADB_SATYPE_UNSPEC	0
 #define SADB_SATYPE_AH		2