diff options
| author | Adam Ierymenko <adam.ierymenko@gmail.com> | 2016-07-28 10:58:10 -0700 |
|---|---|---|
| committer | Adam Ierymenko <adam.ierymenko@gmail.com> | 2016-07-28 10:58:10 -0700 |
| commit | 22e44c762bf77aefe988ed7b6874054f84f95b75 (patch) | |
| tree | a2d74fba00ad11308524be4561d065b4609cb774 /include | |
| parent | 1e6e112806903009643aef0a2f3736821c1a54d2 (diff) | |
| download | infinitytier-22e44c762bf77aefe988ed7b6874054f84f95b75.tar.gz infinitytier-22e44c762bf77aefe988ed7b6874054f84f95b75.zip | |
More rules engine work: key/value pair matching for microsegmentation.
Diffstat (limited to 'include')
| -rw-r--r-- | include/ZeroTierOne.h | 11 |
1 files changed, 7 insertions, 4 deletions
diff --git a/include/ZeroTierOne.h b/include/ZeroTierOne.h index 0d1ddd4b..6abc04f2 100644 --- a/include/ZeroTierOne.h +++ b/include/ZeroTierOne.h @@ -391,12 +391,15 @@ enum ZT_VirtualNetworkType /** * The type of a virtual network rules table entry * - * These must range from 0 to 127 (0x7f). + * These must range from 0 to 127 (0x7f) because the most significant bit + * is reserved as a NOT flag. * * Each rule is composed of one or more MATCHes followed by an ACTION. */ enum ZT_VirtualNetworkRuleType { + // 0 to 31 reserved for actions + /** * Drop frame */ @@ -408,16 +411,16 @@ enum ZT_VirtualNetworkRuleType ZT_NETWORK_RULE_ACTION_ACCEPT = 1, /** - * Forward a copy of this frame to an observer + * Forward a copy of this frame to an observer (by ZT address) */ ZT_NETWORK_RULE_ACTION_TEE = 2, /** - * Explicitly redirect this frame to another device (ignored if this is the target device) + * Drop and redirect this frame to another node (by ZT address) */ ZT_NETWORK_RULE_ACTION_REDIRECT = 3, - // <32 == actions + // 32 to 127 reserved for match criteria /** * Source ZeroTier address -- analogous to an Ethernet port ID on a switch |