*nix Documentation Project
·  Home
 +   man pages
·  Linux HOWTOs
·  FreeBSD Tips
·  *niX Forums

  man pages->OpenBSD man pages -> mbuf_tags (9)              
Title
Content
Arch
Section
 

MBUF_TAGS(9)

Contents


NAME    [Toc]    [Back]

     mbuf_tags - a framework for generic packet attributes

SYNOPSIS    [Toc]    [Back]

     #include <sys/mbuf.h>

     struct m_tag *
     m_tag_get(int type, int len, int flags);

     void
     m_tag_free(struct m_tag *tag);

     struct m_tag *
     m_tag_find(struct mbuf *mbuf, int type, struct m_tag *tag);

     void
     m_tag_prepend(struct mbuf *mbuf, struct m_tag *tag);

     void
     m_tag_unlink(struct mbuf *mbuf, struct m_tag *tag);

     void
     m_tag_delete(struct mbuf *mbuf, struct m_tag *tag);

     struct m_tag *
     m_tag_copy(struct m_tag *tag);

     void
     m_tag_delete_chain(struct mbuf *mbuf, struct m_tag *tag);

     void
     m_tag_init(struct mbuf *mbuf);

     int
     m_tag_copy_chain(struct mbuf *mbuf, struct mbuf *mbuf2);

     struct m_tag *
     m_tag_first(struct mbuf *mbuf);

     struct m_tag *
     m_tag_next(struct mbuf *mbuf, struct m_tag *tag);

DESCRIPTION    [Toc]    [Back]

     These functions allow the manipulation of generic packet attributes.
     They are used by the kernel to keep track of operations done
or scheduled
     to happen to packets.  These attributes are attached to mbuf
packet headers.


     m_tag_get()  allocates a new tag of type type with len bytes
of space following
 the tag header itself.  The flag argument  is  passed
directly to
     malloc(9).   If  successful,  m_tag_get()  returns  a memory
buffer of (len +
     sizeof  (struct  m_tag))  bytes.   The  first  sizeof(struct
m_tag) bytes contain
 a struct m_tag:

     struct m_tag {
             SLIST_ENTRY(m_tag)       m_tag_link;      /* List of
packet tags */
             u_int16_t               m_tag_id;       /* Tag ID */
             u_int16_t               m_tag_len;      /* Length of
data */
     };

     The m_tag_link field is used  to  link  tags  together  (see
queue(3) for more
     details).  The m_tag_id and m_tag_len fields are set to type
and len respectively.
  Following this structure are len bytes of space
that can be
     used to store tag-specific information.

     The currently defined tag types are:

     PACKET_TAG_NONE
                   This should never be used.

     PACKET_TAG_IPSEC_IN_DONE
                   Used  by  ipsec(4) to indicate successful processing performed
 on an input packet.  The tag contains a
struct
                   tdb_ident,         as        defined        in
sys/netinet/ip_ipsp.h, identifying
                   the security association under which the packet arrived.

     PACKET_TAG_IPSEC_OUT_DONE
                   Used by IPsec to indicate that an output packet has been
                   IPsec-processed.  The tag  contains  a  struct
tdb_ident identifying
  the  security  association applied to
the packet.
                   This tag is primarily used to detect and avoid
loops in
                   IPsec processing on output.

     PACKET_TAG_IPSEC_IN_CRYPTO_DONE
                   Used  by network cards that implement on-board
IPsec processing
 to indicate that the crypto processing
of an IPsec
                   packet  has  been  done.   The  tag contains a
struct tdb_ident
                   identifying  the  security  association  under
which the packet
                   arrived.

     PACKET_TAG_IPSEC_OUT_CRYPTO_NEEDED
                   Used  by  the IPsec stack to signal to network
cards that implement
 on-board IPsec  processing  that  such
processing is
                   needed.   The  tag contains a struct tdb_ident
identifying
                   the security association that  should  be  applied.  The packet
  is  already  formatted for the appropriate
security protocol.


     PACKET_TAG_IPSEC_IN_COULD_DO_CRYPTO
                   Used by network cards that implement  on-board
IPsec processing
  to  indicate  to the IPsec stack that
cryptographic
                   processing could be deferred to hardware.  The
tag contains
                   a  struct  tdb_ident  identifying the security
association
                   that could be offloaded to the network card.

     PACKET_TAG_IPSEC_PENDING_TDB
                   Used by the IPsec stack to keep track of IPsec
processing
                   that  should  happen  to the packet on output.
The tag contains
 a struct tdb_ident identifying the security association
  that  should be applied at the next loop
of IPsec processing.


     PACKET_TAG_BRIDGE
                   Used by the bridge(4) code to detect loops  in
bridge processing.
   The  tag  contains a pointer to the
bridge interface
 that already forwarded the frame.

     PACKET_TAG_GIF
                   Used by the gif(4) interface to  detect  loops
in processing.
                   The  tag  contains a pointer to the gif interface that already
 processed the packet.

     PACKET_TAG_GRE
                   Used by the gre(4) interface to  detect  loops
in processing.
                   The  tag  contains a pointer to the gre interface that already
 processed the packet.

     PACKET_TAG_IN_PACKET_CHECKSUM
                   Used by network cards that  can  compute  complete packet
                   checksums  to pass that information to higherlevel protocols.
  The tag contains the 2 byte checksum of
the packet.

     PACKET_TAG_PF_GENERATED
                   Used  to  mark packets generated by the packet
filter pf(4).
                   Packets with this tag are not tested by pf but
passed unconditionally.
  Contains no data.

     PACKET_TAG_PF_ROUTED
                   Used to mark packets routed by the packet filter pf(4).
                   Packets with this tag are  not  tested  by  pf
more than once
                   to prevent loops caused by subsequent matching
routing
                   rules.  Contains no data.

     PACKET_TAG_PF_FRAGCACHE
                   Used to mark fragmented packets cached by  the
packet filter
                   pf(4).  Packets with this tag have been cached
by the fragment
 cache already and will short  circuit  it
if processed
                   again.   If  they  were  to re-enter the fragcache, they would
                   be indistinguishable from  a  duplicate  of  a
previous packet
                   and would be dropped.  Contains no data.

     PACKET_TAG_PF_QID
                   Used  by pf(4) for queueing.  The tag contains
the ID of the
                   queue this packet should go to.

     PACKET_TAG_PF_TAG
                   Used by pf(4) to tag packets and filtering  on
those later
                   on.

     PACKET_TAG_PF_TRANSLATE_LOCALHOST
                   Used  by  pf(4)  to  mark  TCP and UDP packets
redirected to
                   loopback addresses.  The functions tcp_input()
and udp_input()
   reverse   the   order  of  lookups  in
in_pcblookup_listen(),
 when this tag is present, so unspecific
listeners
                   are  matched  before specific ones.  This prevents external
                   connections from appearing  local  to  daemons
such as
                   portmap(8)  listening  on  both unspecific and
specific loopback
 sockets in order to grant  higher  privileges to local
                   users.

     m_tag_free() de-allocates a tag.

     m_tag_find()  finds  an  instance  of a tag of type type attached to packet
     mbuf.  If tag is NULL, the first such tag is returned.  Otherwise, the
     first  tag  of  type type after tag is returned.  If no such
tag is found,
     NULL is returned.

     m_tag_prepend() adds the new tag tag at the head of the  tag
list for
     packet mbuf.

     m_tag_unlink()  removes  tag  tag  from  the list of tags of
packet mbuf.

     m_tag_delete() removes and then de-allocates  tag  tag  from
the list of
     tags of packet mbuf.

     m_tag_copy() creates an unlinked copy of tag tag.

     m_tag_delete_chain()  deletes  all  tags  attached to packet
mbuf following
     tag tag.  If tag is NULL, all tags are deleted.

     m_tag_init() initializes the tag storage for packet mbuf.

     m_tag_copy_chain() copies all tags from packet mbuf to packet mbuf2.  On
     success, it returns 1.  Otherwise, it returns 0.

     m_tag_first() returns the first tag attached to packet mbuf.

     m_tag_next() returns the tag following tag in packet mbuf.

     The  M_MOVE_PKTHDR()  and  M_MOVE_HDR()  macros  defined  in
sys/sys/mbuf.h
     move   the   tags  from  the  old  to  the  new  mbuf.   The
M_DUP_PKTHDR() and
     M_DUP_HDR() macros create copies of the tag  chain  for  the
new mbuf.

CODE REFERENCES    [Toc]    [Back]

     The   tag-manipulating   code   is  contained  in  the  file
sys/kern/uipc_mbuf2.c.

SEE ALSO    [Toc]    [Back]

      
      
     bridge(4), gif(4), gre(4), ipsec(4), pf(4), malloc(9)

HISTORY    [Toc]    [Back]

     The packet tags first appeared in OpenBSD 2.9 and were written by Angelos
     D. Keromytis <angelos@openbsd.org>.

OpenBSD      3.6                           June      25,     2001
[ Back ]
 Similar pages
Name OS Title
disk_unbusy NetBSD generic disk framework
disk_resetstat NetBSD generic disk framework
disk OpenBSD generic disk framework
disk_detach NetBSD generic disk framework
disk_attach NetBSD generic disk framework
disk_init NetBSD generic disk framework
disk_attach OpenBSD generic disk framework
disk_busy OpenBSD generic disk framework
disk_find OpenBSD generic disk framework
disk_init OpenBSD generic disk framework
Copyright © 2004-2005 DeniX Solutions SRL
newsletter delivery service