Diffstat (limited to 'include/ZeroTierOne.h')
-rw-r--r-- | include/ZeroTierOne.h | 45 |
1 files changed, 38 insertions, 7 deletions
diff --git a/include/ZeroTierOne.h b/include/ZeroTierOne.h
index b03abf86..c4696e7d 100644
--- a/include/ZeroTierOne.h
+++ b/include/ZeroTierOne.h
@@ -102,14 +102,14 @@ extern "C" {
 #define ZT_MAX_NETWORK_PINNED 16

 /**
- * Maximum number of rule table entries per network (can be increased)
+ * Maximum number of multicast group subscriptions per network
 */
-#define ZT_MAX_NETWORK_RULES 256
+#define ZT_MAX_NETWORK_MULTICAST_SUBSCRIPTIONS 4096

 /**
- * Maximum number of multicast group subscriptions per network
+ * Maximum number of base (non-capability) network rules
 */
-#define ZT_MAX_NETWORK_MULTICAST_SUBSCRIPTIONS 4096
+#define ZT_MAX_NETWORK_RULES 256

 /**
 * Maximum number of direct network paths to a given peer
@@ -122,6 +122,21 @@ extern "C" {
 #define ZT_MAX_TRUSTED_PATHS 16

 /**
+ * Maximum number of rules per capability
+ */
+#define ZT_MAX_CAPABILITY_RULES 64
+
+/**
+ * Maximum length of a capbility's short descriptive name
+ */
+#define ZT_MAX_CAPABILITY_NAME_LENGTH 63
+
+/**
+ * Global maximum length for capability chain of custody (including initial issue)
+ */
+#define ZT_MAX_CAPABILITY_CUSTODY_CHAIN_LENGTH 7
+
+/**
 * Maximum number of hops in a ZeroTier circuit test
 *
 * This is more or less the max that can be fit in a given packet (with
@@ -516,9 +531,6 @@ enum ZT_VirtualNetworkRuleType
 /**
 * Network flow rule
 *
- * NOTE: Currently (1.1.x) only etherType is supported! Other things will
- * have no effect until the rules engine is fully implemented.
- *
 * Rules are stored in a table in which one or more match entries is followed
 * by an action. If more than one match precedes an action, the rule is
 * the AND of all matches. An action with no match is always taken since it
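Review bot: In the hunk that adds the capability limits (`@@ -122,6 +122,21 @@`), the comment on `ZT_MAX_CAPABILITY_NAME_LENGTH 63` does not say whether the 63 counts a terminating NUL, so code that sizes or bounds a name buffer from this constant can be off by one in either direction. If the intent is a 64-byte buffer (which the value suggests, though nothing in the visible lines confirms it), I would spell that out, e.g. `* Maximum length of a capability's short descriptive name, not including the terminating NUL`. The same comment misspells "capability" as "capbility".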
@@ -619,6 +631,25 @@ typedef struct
 } v;
 } ZT_VirtualNetworkRule;

+typedef struct
+{
+ /**
+ * 128-bit ID (GUID) of this capability
+ */
+ uint64_t id[2];
+
+ /**
+ * Expiration time (measured vs. network config timestamp issued by controller)
+ */
+ uint64_t expiration;
+
+
+ struct {
+ uint64_t from;
+ uint64_t to;
+ } custody[ZT_MAX_CAPABILITY_CUSTODY_CHAIN_LENGTH];
+} ZT_VirtualNetworkCapability;
+
 /**
 * A route to be pushed on a virtual network
 */ |
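Review bot: `ZT_VirtualNetworkCapability` is added without a struct-level comment, and its `custody` array is undocumented, so this header does not tell a reader what `from` and `to` hold or how many of the `ZT_MAX_CAPABILITY_CUSTODY_CHAIN_LENGTH` slots are actually populated. The visible struct has no count field, so code that walks or validates the chain needs a documented end-of-chain convention; without one it may treat unused slots as real transfers. I would add a one-line `/** ... */` description above `typedef struct` and a member comment along the lines of `/* Chain of custody; unused trailing entries are zero */`, adjusted to whatever convention the implementation really uses. The struct also has no rules or name member even though `ZT_MAX_CAPABILITY_RULES` and `ZT_MAX_CAPABILITY_NAME_LENGTH` are introduced in the same commit; if that is deliberate at this stage, a short comment saying so would help.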