From 6f854c8391d94857b00f76ffaf127d087ccf130f Mon Sep 17 00:00:00 2001
From: Adam Ierymenko
Date: Tue, 12 Apr 2016 12:11:34 -0700
Subject: NetworkConfig refactor part 1
---
 include/ZeroTierOne.h | 161 +++++++++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 159 insertions(+), 2 deletions(-)
(limited to 'include')
diff --git a/include/ZeroTierOne.h b/include/ZeroTierOne.h
index 076e31fc..9750b2f7 100644
--- a/include/ZeroTierOne.h
+++ b/include/ZeroTierOne.h
@@ -79,12 +79,37 @@ extern "C" {
 /**
  * Maximum length of network short name
  */
-#define ZT_MAX_NETWORK_SHORT_NAME_LENGTH 255
+#define ZT_MAX_NETWORK_SHORT_NAME_LENGTH 127
+
+/**
+ * Maximum number of local routes on a network
+ */
+#define ZT_MAX_NETWORK_LOCAL_ROUTES 64
 
 /**
  * Maximum number of statically assigned IP addresses per network endpoint using ZT address management (not DHCP)
  */
-#define ZT_MAX_ZT_ASSIGNED_ADDRESSES 16
+#define ZT_MAX_ZT_ASSIGNED_ADDRESSES 64
+
+/**
+ * Maximum number of default routes / gateways on a network (ZT managed)
+ */
+#define ZT_MAX_NETWORK_GATEWAYS 8
+
+/**
+ * Maximum number of active bridges on a network
+ */
+#define ZT_MAX_NETWORK_ACTIVE_BRIDGES 256
+
+/**
+ * Maximum number of static devices on a network
+ */
+#define ZT_MAX_NETWORK_STATIC_DEVICES 64
+
+/**
+ * Maximum number of rules per network (can be increased)
+ */
+#define ZT_MAX_NETWORK_RULES 64
 
 /**
  * Maximum number of multicast group subscriptions per network
@@ -134,6 +159,11 @@ extern "C" {
  */
 #define ZT_CLUSTER_MAX_MESSAGE_LENGTH (1500 - 48)
 
+/**
+ * This device is a network preferred relay
+ */
+#define ZT_NETWORK_STATIC_DEVICE_IS_RELAY 0x0001
+
 /**
  * A null/empty sockaddr (all zero) to signify an unspecified socket address
  */
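Review bot: `ZT_MAX_NETWORK_SHORT_NAME_LENGTH` drops from 255 to 127 in a public header, so every buffer sized from it shrinks, while a name arriving from a node or controller built against the old value could presumably still be up to 255 bytes long. The copy sites are outside this diff; they should be checked to truncate or reject at the new limit instead of trusting the sender's length. The comment also does not say whether the limit counts the terminating NUL, and I would state it, e.g. `Maximum length of network short name (not counting the terminating NUL)` if that is the intent. The new `ZT_MAX_NETWORK_*` caps presumably bound fixed-size arrays filled from network configuration, so the parser should refuse counts above them rather than index past the array.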
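Review bot: The comment on `ZT_NETWORK_STATIC_DEVICE_IS_RELAY` in the second hunk (`@@ -134,6 +159,11 @@`) does not say which field the bit belongs to, and the define sits between the cluster message length and the null-sockaddr definitions, away from the struct it presumably applies to. I would write `Flag for ZT_VirtualNetworkStaticDevice.flags: this device is a network preferred relay`. Since that field is declared `unsigned int`, an unsigned literal such as `0x0001U` would match it.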
@@ -357,6 +387,30 @@ enum ZT_VirtualNetworkStatus
 ZT_NETWORK_STATUS_CLIENT_TOO_OLD = 5
 };
 
+/**
+ * A network-scope defined static device entry
+ *
+ * Statically defined devices can have pre-specified endpoint addresses
+ * and can serve as things like network-specific relays.
+ */
+typedef struct
+{
+ /**
+ * ZeroTier address (least significant 40 bits, other bits ignored)
+ */
+ uint64_t address;
+
+ /**
+ * Physical address or zero ss_family if unspecified (two entries to support both V4 and V6)
+ */
+ struct sockaddr_storage physical[2];
+
+ /**
+ * Flags indicating roles (if any) and restrictions
+ */
+ unsigned int flags;
+} ZT_VirtualNetworkStaticDevice;
+
 /**
  * Virtual network type codes
  */
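Review bot: The `address` comment says bits above the low 40 are ignored, but nothing in the header enforces that, so two entries that differ only in the upper 24 bits name the same device while comparing unequal as `uint64_t`. I would state who is responsible for masking, for example `ZeroTier address (least significant 40 bits; mask with 0xffffffffffULL before comparing or using as a key)`. For `physical[2]` the comment should also say whether slot order is significant. It should add that a reader has to check `ss_family` before casting either slot, since a zero family marks it as unset.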
@@ -373,6 +427,109 @@ enum ZT_VirtualNetworkType
 ZT_NETWORK_TYPE_PUBLIC = 1
 };
 
+/**
+ * An action in a network rule
+ */
+enum ZT_VirtualNetworkRuleAction
+{
+ ZT_NETWORK_RULE_ACTION_DROP = 0,
+ ZT_NETWORK_RULE_ACTION_ACCEPT = 1
+};
+
+/**
+ * Network flow rule
+ *
+ * Currently only etherType is supported! Other flags will have no effect
+ * until the rules engine is fully implemented.
+ */
+typedef struct
+{
+ /**
+ * Rule sort order
+ */
+ int ruleNo;
+
+ /**
+ * Source ZeroTier address ("port" on the global virtual switch) (0 == wildcard)
+ */
+ uint64_t sourcePort;
+
+ /**
+ * Destination ZeroTier address ("port" on the global virtual switch) (0 == wildcard)
+ */
+ uint64_t destPort;
+
+ /**
+ * VLAN ID (-1 == wildcard)
+ */
+ int vlanId;
+
+ /**
+ * VLAN PCP (-1 == wildcard)
+ */
+ int vlanPcp;
+
+ /**
+ * Ethernet type (-1 == wildcard)
+ */
+ int etherType;
+
+ /**
+ * Source MAC address (least significant 48 bits, host byte order) (0 == wildcard)
+ */
+ uint64_t macSource;
+
+ /**
+ * Destination MAC address (least significant 48 bits, host byte order) (0 == wildcard)
+ */
+ uint64_t macDest;
+
+ /**
+ * Source IP address (ss_family == 0 for wildcard)
+ */
+ struct sockaddr_storage ipSource;
+
+ /**
+ * Destination IP address (ss_family == 0 for wildcard)
+ */
+ struct sockaddr_storage ipDest;
+
+ /**
+ * IP type of service (-1 == wildcard)
+ */
+ int ipTos;
+
+ /**
+ * IP protocol (-1 == wildcard)
+ */
+ int ipProtocol;
+
+ /**
+ * IP source port (-1 == wildcard)
+ */
+ int ipSourcePort;
+
+ /**
+ * IP destination port (-1 == wildcard)
+ */
+ int ipDestPort;
+
+ /**
+ * Flags to match if set
+ */
+ unsigned long flags;
+
+ /**
+ * Flags to match if NOT set
+ */
+ unsigned long invFlags;
+
+ /**
+ * Action if rule matches
+ */
+ enum ZT_VirtualNetworkRuleAction action;
+} ZT_VirtualNetworkRule;
+
 /**
  * An Ethernet multicast group
  */
-- cgit v1.2.3
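Review bot: The `ZT_VirtualNetworkRule` comment says only `etherType` is honoured, but it does not say what happens to a rule whose other match fields are set, and for a filter that decides whether it fails open or closed. If the unsupported fields are simply skipped, an ACCEPT rule narrowed by `ipDestPort` would accept every frame of that ether type. I would document the behaviour explicitly and have the config loader refuse rules with non-wildcard unsupported fields; the enforcement code is outside this diff. The action taken when no rule matches and the direction of `ruleNo` ordering are also left unstated. Separately, `unsigned long flags;` and `unsigned long invFlags;` differ in width between LP64 and LLP64 targets, so a fixed-width type such as `uint32_t flags;` would keep the match bits identical across platforms.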