X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ian/git?p=secnet.git;a=blobdiff_plain;f=netlink.h;h=ffefd8082ef67f2b662f5391b9baf628080c9e16;hp=4cc80af41f6f6139babed6377d8b57ae07ae5fcc;hb=0cf9c062e165da3e9444dfea93f25f198bb71a0e;hpb=c6f79b178fe27ee315055dccb371b63ca1a6183a

diff --git a/netlink.h b/netlink.h
index 4cc80af..ffefd80 100644
--- a/netlink.h
+++ b/netlink.h
@@ -7,27 +7,31 @@
 #define DEFAULT_MTU 1000
 #define ICMP_BUFSIZE 1024
 
+struct netlink;
+
 struct netlink_client {
-    struct subnet_list *networks;
+    closure_t cl;
+    struct netlink_if ops;
+    struct netlink *nst;
+    struct ipset *networks;
+    struct subnet_list *subnets; /* Same information as 'networks' */
+    uint32_t priority; /* Higher priority clients have their networks
+			  checked first during routing.  This allows
+			  things like laptops to supersede whole
+			  networks. */
     netlink_deliver_fn *deliver;
     void *dst;
     string_t name;
     uint32_t link_quality;
+    int32_t mtu;
     uint32_t options;
+    uint32_t outcount;
+    bool_t up; /* Should these routes exist in the kernel? */
+    bool_t kup; /* Do these routes exist in the kernel? */
     struct netlink_client *next;
 };
 
-struct netlink_route {
-    struct subnet net;
-    bool_t hard;
-    bool_t allow_route;
-    bool_t up;
-    bool_t kup;
-    uint32_t quality; /* provided by client */
-    struct netlink_client *c;
-};
-
-typedef bool_t netlink_route_fn(void *cst, struct netlink_route *route);
+typedef bool_t netlink_route_fn(void *cst, struct netlink_client *routes);
 
 /* Netlink provides one function to the device driver, to call to deliver
    a packet from the device. The device driver provides one function to
@@ -35,29 +39,31 @@ typedef bool_t netlink_route_fn(void *cst, struct netlink_route *route);
 
 struct netlink {
     closure_t cl;
-    struct netlink_if ops;
     void *dst; /* Pointer to host interface state */
-    string_t name;
-    uint32_t max_start_pad;
-    uint32_t max_end_pad;
-    struct subnet_list networks;
-    struct subnet_list exclude_remote_networks;
-    uint32_t secnet_address; /* our own address, or possibly the address of
-				the other end of a point-to-point link */
+    cstring_t name;
+    int32_t max_start_pad;
+    int32_t max_end_pad;
+    struct ipset *networks; /* Local networks */
+    struct subnet_list *subnets; /* Same as networks, for display */
+    struct ipset *remote_networks; /* Allowable remote networks */
+    uint32_t secnet_address; /* our own address, or the address of the
+				other end of a point-to-point link */
     bool_t ptp;
-    uint32_t mtu;
-    struct netlink_client *clients;
+    int32_t mtu;
+    struct netlink_client *clients; /* Linked list of clients */
+    struct netlink_client **routes; /* Array of clients, sorted by priority */
+    int32_t n_clients;
     netlink_deliver_fn *deliver_to_host; /* Provided by driver */
-    netlink_route_fn *set_route; /* Provided by driver */
+    netlink_route_fn *set_routes; /* Provided by driver */
     struct buffer_if icmp; /* Buffer for assembly of outgoing ICMP */
-    uint32_t n_routes; /* How many routes do we know about? */
-    struct netlink_route *routes;
+    uint32_t outcount; /* Packets sent to host */
+    uint32_t localcount; /* Packets sent to secnet */
 };
 
 extern netlink_deliver_fn *netlink_init(struct netlink *st,
 					void *dst, struct cloc loc,
-					dict_t *dict, string_t description,
-					netlink_route_fn *set_route,
+					dict_t *dict, cstring_t description,
+					netlink_route_fn *set_routes,
 					netlink_deliver_fn *to_host);
 
 #endif /* netlink_h */