"Fossies" - the Fresh Open Source Software Archive

Member "vpnc-0.5.3/isakmp.h" (19 Nov 2008, 12933 Bytes) of package /linux/privat/old/vpnc-0.5.3.tar.gz:


As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) C and C++ source code syntax highlighting (style: standard) with prefixed line numbers and code folding option. Alternatively you can here view or download the uninterpreted source code file. For more information about "isakmp.h" see the Fossies "Dox" file reference documentation.

    1 /* ISAKMP constants.
    2    Copyright (C) 2002  Geoffrey Keating
    3 
    4    This program is free software; you can redistribute it and/or modify
    5    it under the terms of the GNU General Public License as published by
    6    the Free Software Foundation; either version 2 of the License, or
    7    (at your option) any later version.
    8    
    9    This program is distributed in the hope that it will be useful,
   10    but WITHOUT ANY WARRANTY; without even the implied warranty of
   11    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   12    GNU General Public License for more details.
   13    
   14    You should have received a copy of the GNU General Public License
   15    along with this program; if not, write to the Free Software
   16    Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
   17 
   18    $Id: isakmp.h 324 2008-06-19 23:09:09Z Joerg Mayer $
   19 */
   20 
   21 #ifndef __ISAKMP_H__
   22 #define __ISAKMP_H__
   23 
   24 /* Flag bits for header.  */
   25 #define ISAKMP_FLAG_E   0x1
   26 #define ISAKMP_FLAG_C   0x2
   27 #define ISAKMP_FLAG_A   0x4
   28 
   29 /* Payload types */
   30 enum isakmp_payload_enum {
   31     ISAKMP_PAYLOAD_NONE = 0,    /* RFC 2408 */
   32     ISAKMP_PAYLOAD_SA,      /* RFC 2408, Security Association   */
   33     ISAKMP_PAYLOAD_P,       /* RFC 2408, Proposal           */
   34     ISAKMP_PAYLOAD_T,       /* RFC 2408, Transform          */
   35     ISAKMP_PAYLOAD_KE,      /* RFC 2408, Key Exchange       */
   36     ISAKMP_PAYLOAD_ID,      /* RFC 2408, Identification     */
   37     ISAKMP_PAYLOAD_CERT,        /* RFC 2408, Certificate        */
   38     ISAKMP_PAYLOAD_CR,      /* RFC 2408, Certificate Request    */
   39     ISAKMP_PAYLOAD_HASH,        /* RFC 2408, Hash           */
   40     ISAKMP_PAYLOAD_SIG,     /* RFC 2408, Signature          */
   41     ISAKMP_PAYLOAD_NONCE,       /* RFC 2408, Nonce          */
   42     ISAKMP_PAYLOAD_N,       /* RFC 2408, Notification       */
   43     ISAKMP_PAYLOAD_D,       /* RFC 2408, Delete         */
   44     ISAKMP_PAYLOAD_VID,     /* RFC 2408, Vendor ID          */
   45     ISAKMP_PAYLOAD_MODECFG_ATTR,
   46     ISAKMP_PAYLOAD_SAK,     /* RFC 3547, SA KEK         */
   47     ISAKMP_PAYLOAD_SAT,     /* RFC 3547, SA TEK         */
   48     ISAKMP_PAYLOAD_KD,      /* RFC 3547, Key Download       */
   49     ISAKMP_PAYLOAD_SEQNO,       /* RFC 3547, Sequence number        */
   50     ISAKMP_PAYLOAD_POP,     /* RFC 3547, Proof of Possession    */
   51     ISAKMP_PAYLOAD_NAT_D,       /* RFC 3947, NAT Discovery      */
   52     ISAKMP_PAYLOAD_NAT_OA,      /* RFC 3947, NAT Original Address   */
   53     ISAKMP_PAYLOAD_NAT_D_OLD = 0x82,
   54     ISAKMP_PAYLOAD_FRAG = 0x84
   55 };
   56 
   57 /* Exchange types.  */
   58 enum isakmp_exchange_enum {
   59     ISAKMP_EXCHANGE_NONE = 0,
   60     ISAKMP_EXCHANGE_BASE,
   61     ISAKMP_EXCHANGE_IDENTITY,
   62     ISAKMP_EXCHANGE_AUTH_ONLY,
   63     ISAKMP_EXCHANGE_AGGRESSIVE,
   64     ISAKMP_EXCHANGE_INFORMATIONAL,
   65     ISAKMP_EXCHANGE_MODECFG_TRANSACTION,
   66     ISAKMP_EXCHANGE_IKE_QUICK = 32,
   67     ISAKMP_EXCHANGE_IKE_NEW_GROUP
   68 };
   69 
   70 /* DOI types.  */
   71 enum isakmp_doi_enum {
   72     ISAKMP_DOI_GENERIC = 0,
   73     ISAKMP_DOI_IPSEC
   74 };
   75 
   76 /* Notify message types (error: 1-16383; status: 16384-65535).  */
   77 enum isakmp_notify_enum {
   78     ISAKMP_N_INVALID_PAYLOAD_TYPE = 1,
   79     ISAKMP_N_DOI_NOT_SUPPORTED,
   80     ISAKMP_N_SITUATION_NOT_SUPPORTED,
   81     ISAKMP_N_INVALID_COOKIE,
   82     ISAKMP_N_INVALID_MAJOR_VERSION,
   83     ISAKMP_N_INVALID_MINOR_VERSION,
   84     ISAKMP_N_INVALID_EXCHANGE_TYPE,
   85     ISAKMP_N_INVALID_FLAGS,
   86     ISAKMP_N_INVALID_MESSAGE_ID,
   87     ISAKMP_N_INVALID_PROTOCOL_ID,
   88     ISAKMP_N_INVALID_SPI,
   89     ISAKMP_N_INVALID_TRANSFORM_ID,
   90     ISAKMP_N_ATTRIBUTES_NOT_SUPPORTED,
   91     ISAKMP_N_NO_PROPOSAL_CHOSEN,
   92     ISAKMP_N_BAD_PROPOSAL_SYNTAX,
   93     ISAKMP_N_PAYLOAD_MALFORMED,
   94     ISAKMP_N_INVALID_KEY_INFORMATION,
   95     ISAKMP_N_INVALID_ID_INFORMATION,
   96     ISAKMP_N_INVALID_CERT_ENCODING,
   97     ISAKMP_N_INVALID_CERTIFICATE,
   98     ISAKMP_N_CERT_TYPE_UNSUPPORTED,
   99     ISAKMP_N_INVALID_CERT_AUTHORITY,
  100     ISAKMP_N_INVALID_HASH_INFORMATION,
  101     ISAKMP_N_AUTHENTICATION_FAILED,
  102     ISAKMP_N_INVALID_SIGNATURE,
  103     ISAKMP_N_ADDRESS_NOTIFICATION,
  104     ISAKMP_N_NOTIFY_SA_LIFETIME,
  105     ISAKMP_N_CERTIFICATE_UNAVAILABLE,
  106     ISAKMP_N_UNSUPPORTED_EXCHANGE_TYPE,
  107     ISAKMP_N_UNEQUAL_PAYLOAD_LENGTHS,
  108     ISAKMP_N_CONNECTED = 16384,
  109     ISAKMP_N_IPSEC_RESPONDER_LIFETIME = 24576,
  110     ISAKMP_N_IPSEC_REPLAY_STATUS,
  111     ISAKMP_N_IPSEC_INITIAL_CONTACT,
  112     ISAKMP_N_CISCO_HELLO = 30000,
  113     ISAKMP_N_CISCO_WWTEBR,
  114     ISAKMP_N_CISCO_SHUT_UP,
  115     ISAKMP_N_IOS_KEEP_ALIVE_REQ = 32768,
  116     ISAKMP_N_IOS_KEEP_ALIVE_ACK,
  117     ISAKMP_N_R_U_THERE = 36136,
  118     ISAKMP_N_R_U_THERE_ACK,
  119     ISAKMP_N_CISCO_LOAD_BALANCE = 40501,
  120     ISAKMP_N_CISCO_PRESHARED_KEY_HASH = 40503
  121 };
  122 
  123 /* Delete with reason values */
  124 /* Note: The values are random, i.e. we don't know them yet */
  125 enum dwr_ike_delete {
  126     IKE_DELETE_SERVER_SHUTDOWN = 0, /* Peer has been shut down */
  127     IKE_DELETE_SERVER_REBOOT, /* Peer has been rebooted. */
  128     IKE_DELETE_MAX_CONNECT_TIME, /* Maximum configured connection time exceeded. */
  129     IKE_DELETE_BY_USER_COMMAND, /* Manually disconnected by administrator. */
  130     IKE_DELETE_BY_ERROR, /* Connectivity to Client lost. */
  131     IKE_DELETE_NO_ERROR, /* Unknown error. */
  132     IKE_DELETE_IDLE_TIMEOUT, /* Maximum idle time for session exceeded. */
  133     IKE_DELETE_P2_PROPOSAL_MISMATCH, /* Policy negotiation failed */
  134     IKE_DELETE_FIREWALL_MISMATCH, /* Firewall policy mismatch. */
  135     IKE_DELETE_CERT_EXPIRED, /* Certificates used with this connection entry have expired. */
  136     IKE_DELETE_BY_EXPIRED_LIFETIME, /* Maximum configured lifetime exceeded. */
  137     DEL_REASON_RESET_SADB /* (found in vpnclient log file) */
  138 };
  139 
  140 /* Certificate types.  */
  141 enum isakmp_certificate_enum {
  142     ISAKMP_CERT_NONE = 0,
  143     ISAKMP_CERT_PKCS7_X509,
  144     ISAKMP_CERT_PGP,
  145     ISAKMP_CERT_DNS_SIG_KEY,
  146     ISAKMP_CERT_X509_SIG,
  147     ISAKMP_CERT_X509_KEX_EXCHANGE,
  148     ISAKMP_CERT_KERBEROS_TOKENS,
  149     ISAKMP_CERT_CRL,
  150     ISAKMP_CERT_ARL,
  151     ISAKMP_CERT_SPKI,
  152     ISAKMP_CERT_X509_ATTRIBUTE
  153 };
  154 
  155 /* IKE attribute types.  */
  156 enum ike_attr_enum {
  157     IKE_ATTRIB_ENC = 1,
  158     IKE_ATTRIB_HASH,
  159     IKE_ATTRIB_AUTH_METHOD,
  160     IKE_ATTRIB_GROUP_DESC,
  161     IKE_ATTRIB_GROUP_TYPE,
  162     IKE_ATTRIB_GROUP_PRIME,
  163     IKE_ATTRIB_GROUP_GEN_1,
  164     IKE_ATTRIB_GROUP_GEN_2,
  165     IKE_ATTRIB_GROUP_CURVE_A,
  166     IKE_ATTRIB_GROUP_CURVE_B,
  167     IKE_ATTRIB_LIFE_TYPE,
  168     IKE_ATTRIB_LIFE_DURATION,
  169     IKE_ATTRIB_PRF,
  170     IKE_ATTRIB_KEY_LENGTH,
  171     IKE_ATTRIB_FIELD_SIZE,
  172     IKE_ATTRIB_GROUP_ORDER,
  173     IKE_ATTRIB_BLOCK_SIZE,
  174     IKE_ATTRIB_NORTEL_UNKNOWN = 32767
  175 };
  176 
  177 /* IKE encryption algorithm IDs.  */
  178 enum ike_enc_enum {
  179     IKE_ENC_NO_CBC = 0,
  180     IKE_ENC_DES_CBC,
  181     IKE_ENC_IDEA_CBC,
  182     IKE_ENC_BLOWFISH_CBC,
  183     IKE_ENC_RC5_R16_B16_CBC,
  184     IKE_ENC_3DES_CBC,
  185     IKE_ENC_CAST_CBC,
  186     IKE_ENC_AES_CBC
  187 };
  188 
  189 /* IKE hash algorithm IDs.  */
  190 enum ike_hash_enum {
  191     IKE_HASH_MD5 = 1,
  192     IKE_HASH_SHA,
  193     IKE_HASH_TIGER,
  194     IKE_HASH_SHA2_256,
  195     IKE_HASH_SHA2_384,
  196     IKE_HASH_SHA2_512
  197 };
  198 
  199 /* IKE authentication method IDs.  */
  200 enum ike_auth_enum {
  201     IKE_AUTH_PRESHARED = 1,
  202     IKE_AUTH_DSS,
  203     IKE_AUTH_RSA_SIG,
  204     IKE_AUTH_RSA_ENC,
  205     IKE_AUTH_RSA_ENC_2,
  206     IKE_AUTH_EL_GAMAL_ENC,
  207     IKE_AUTH_EL_GAMAL_ENC_REV,
  208     IKE_AUTH_ECDSA_SIG,
  209     IKE_AUTH_HybridInitRSA = 64221,
  210     IKE_AUTH_HybridRespRSA,
  211     IKE_AUTH_HybridInitDSS,
  212     IKE_AUTH_HybridRespDSS,
  213     IKE_AUTH_XAUTHInitPreShared = 65001,
  214     IKE_AUTH_XAUTHRespPreShared,
  215     IKE_AUTH_XAUTHInitDSS,
  216     IKE_AUTH_XAUTHRespDSS,
  217     IKE_AUTH_XAUTHInitRSA,
  218     IKE_AUTH_XAUTHRespRSA,
  219     IKE_AUTH_XAUTHInitRSAEncryption,
  220     IKE_AUTH_XAUTHRespRSAEncryption,
  221     IKE_AUTH_XAUTHInitRSARevisedEncryption,
  222     IKE_AUTH_XAUTHRespRSARevisedEncryption
  223 };
  224 
  225 /* IKE group IDs.  */
  226 enum ike_group_enum {
  227     IKE_GROUP_MODP_768 = 1,
  228     IKE_GROUP_MODP_1024,
  229     IKE_GROUP_EC2N_155,
  230     IKE_GROUP_EC2N_185,
  231     IKE_GROUP_MODP_1536,
  232     IKE_GROUP_EC2N_163sect,
  233     IKE_GROUP_EC2N_163K,
  234     IKE_GROUP_EC2N_283sect,
  235     IKE_GROUP_EC2N_283K,
  236     IKE_GROUP_EC2N_409sect,
  237     IKE_GROUP_EC2N_409K,
  238     IKE_GROUP_EC2N_571sect,
  239     IKE_GROUP_EC2N_571K
  240 };
  241 
  242 /* IKE group type IDs.  */
  243 enum ike_group_type_enum {
  244     IKE_GROUP_TYPE_MODP = 1,
  245     IKE_GROUP_TYPE_ECP,
  246     IKE_GROUP_TYPE_EC2N
  247 };
  248 
  249 /* IKE life type IDs.  */
  250 enum ike_life_enum {
  251     IKE_LIFE_TYPE_SECONDS = 1,
  252     IKE_LIFE_TYPE_K
  253 };
  254 
  255 /* IPSEC situation masks.  */
  256 enum isakmp_ipsec_sit_enum {
  257     ISAKMP_IPSEC_SIT_IDENTITY_ONLY = 0x1,
  258     ISAKMP_IPSEC_SIT_SECRECY       = 0x2,
  259     ISAKMP_IPSEC_SIT_INTEGRITY     = 0x4
  260 };
  261 
  262 /* IPSEC Identification types.  */
  263 enum isakmp_ipsec_id_enum {
  264     ISAKMP_IPSEC_ID_RESERVED = 0,
  265     ISAKMP_IPSEC_ID_IPV4_ADDR,
  266     ISAKMP_IPSEC_ID_FQDN,
  267     ISAKMP_IPSEC_ID_USER_FQDN,
  268     ISAKMP_IPSEC_ID_IPV4_ADDR_SUBNET,
  269     ISAKMP_IPSEC_ID_IPV6_ADDR,
  270     ISAKMP_IPSEC_ID_IPV6_ADDR_SUBNET,
  271     ISAKMP_IPSEC_ID_IPV4_ADDR_RANGE,
  272     ISAKMP_IPSEC_ID_IPV6_ADDR_RANGE,
  273     ISAKMP_IPSEC_ID_DER_ASN1_DN,
  274     ISAKMP_IPSEC_ID_DER_ASN1_GN,
  275     ISAKMP_IPSEC_ID_KEY_ID
  276 };
  277 
  278 /* IPSEC protocol IDs.  */
  279 enum isakmp_ipsec_proto_enum {
  280     ISAKMP_IPSEC_PROTO_RESERVED = 0,
  281     ISAKMP_IPSEC_PROTO_ISAKMP,
  282     ISAKMP_IPSEC_PROTO_IPSEC_AH,
  283     ISAKMP_IPSEC_PROTO_IPSEC_ESP,
  284     ISAKMP_IPSEC_PROTO_IPCOMP,
  285     ISAKMP_IPSEC_PROTO_MODECFG = 512 /* hack for simplicity in debug code */
  286 };
  287 
  288 /* IPSEC transform IDs.  */
  289 enum isakmp_ipsec_key_enum {
  290     ISAKMP_IPSEC_KEY_RESERVED = 0,
  291     ISAKMP_IPSEC_KEY_IKE
  292 };
  293 
  294 /* IPSEC AH IDs.  */
  295 enum isakmp_ipsec_ah_enum {
  296     ISAKMP_IPSEC_AH_RESERVED = 0,
  297     ISAKMP_IPSEC_AH_MD5 = 2,
  298     ISAKMP_IPSEC_AH_SHA,
  299     ISAKMP_IPSEC_AH_DES,
  300     ISAKMP_IPSEC_AH_SHA2_256,
  301     ISAKMP_IPSEC_AH_SHA2_384,
  302     ISAKMP_IPSEC_AH_SHA2_512,
  303     ISAKMP_IPSEC_AH_RIPEMD
  304 };
  305 
  306 /* IPSEC ESP IDs.  */
  307 enum isakmp_ipsec_esp_enum {
  308     ISAKMP_IPSEC_ESP_RESERVED = 0,
  309     ISAKMP_IPSEC_ESP_DES_IV64,
  310     ISAKMP_IPSEC_ESP_DES,
  311     ISAKMP_IPSEC_ESP_3DES,
  312     ISAKMP_IPSEC_ESP_RC5,
  313     ISAKMP_IPSEC_ESP_IDEA,
  314     ISAKMP_IPSEC_ESP_CAST,
  315     ISAKMP_IPSEC_ESP_BLOWFISH,
  316     ISAKMP_IPSEC_ESP_3IDEA,
  317     ISAKMP_IPSEC_ESP_DES_IV32,
  318     ISAKMP_IPSEC_ESP_RC4,
  319     ISAKMP_IPSEC_ESP_NULL,
  320     ISAKMP_IPSEC_ESP_AES,
  321     ISAKMP_IPSEC_ESP_AES_128_CTR,
  322     ISAKMP_IPSEC_ESP_AES_MARS = 249,
  323     ISAKMP_IPSEC_ESP_AES_RC6,
  324     ISAKMP_IPSEC_ESP_AES_RIJNDAEL,
  325     ISAKMP_IPSEC_ESP_AES_SERPENT,
  326     ISAKMP_IPSEC_ESP_AES_TWOFISH
  327 };
  328 
  329 /* IPSEC attribute types.  */
  330 enum isakmp_ipsec_attr_enum {
  331     ISAKMP_IPSEC_ATTRIB_SA_LIFE_TYPE = 1,
  332     ISAKMP_IPSEC_ATTRIB_SA_LIFE_DURATION,
  333     ISAKMP_IPSEC_ATTRIB_GROUP_DESC,
  334     ISAKMP_IPSEC_ATTRIB_ENCAP_MODE,
  335     ISAKMP_IPSEC_ATTRIB_AUTH_ALG,
  336     ISAKMP_IPSEC_ATTRIB_KEY_LENGTH,
  337     ISAKMP_IPSEC_ATTRIB_KEY_ROUNDS,
  338     ISAKMP_IPSEC_ATTRIB_COMP_DICT_SIZE,
  339     ISAKMP_IPSEC_ATTRIB_COMP_PRIVATE_ALG,
  340     ISAKMP_IPSEC_ATTRIB_ECN_TUNNEL
  341 };
  342 
  343 /* IPSEC compression IDs.  */
  344 enum isakmp_ipsec_ipcomp_enum {
  345     ISAKMP_IPSEC_IPCOMP_RESERVED = 0,
  346     ISAKMP_IPSEC_IPCOMP_OUI,
  347     ISAKMP_IPSEC_IPCOMP_DEFLATE,
  348     ISAKMP_IPSEC_IPCOMP_LZS,
  349     ISAKMP_IPSEC_IPCOMP_V42BIS
  350 };
  351 
  352 /* IPSEC lifetime attribute values.  */
  353 enum ipsec_life_enum {
  354     IPSEC_LIFE_SECONDS = 1,
  355     IPSEC_LIFE_K
  356 };
  357 
  358 /* IPSEC encapsulation attribute numbers.  */
  359 enum ipsec_encap_enum {
  360     IPSEC_ENCAP_TUNNEL = 1,
  361     IPSEC_ENCAP_TRANSPORT,
  362     IPSEC_ENCAP_UDP_TUNNEL,
  363     IPSEC_ENCAP_UDP_TRANSPORT,
  364     IPSEC_ENCAP_UDP_TUNNEL_OLD = 61443,
  365     IPSEC_ENCAP_UDP_TRANSPORT_OLD
  366 };
  367 
  368 /* IPSEC authentication attribute numbers.  */
  369 enum ipsec_auth_enum {
  370     IPSEC_AUTH_HMAC_MD5 = 1,
  371     IPSEC_AUTH_HMAC_SHA,
  372     IPSEC_AUTH_DES_MAC,
  373     IPSEC_AUTH_KPDK
  374 };
  375 
  376 /* Other numbers.  */
  377 #define ISAKMP_COOKIE_LENGTH        8
  378 #define ISAKMP_VERSION          0x10
  379 /* offsets */
  380 #define ISAKMP_EXCHANGE_TYPE_O      18
  381 #define ISAKMP_I_COOKIE_O       0
  382 #define ISAKMP_R_COOKIE_O       8
  383 #define ISAKMP_MESSAGE_ID_O     20
  384 #define ISAKMP_PAYLOAD_O        28
  385 
  386 /* defined in vpnc.c */
  387 extern const unsigned char VID_XAUTH[];
  388 extern const unsigned char VID_DPD[];
  389 extern const unsigned char VID_UNITY[];
  390 extern const unsigned char VID_UNKNOWN[];
  391 extern const unsigned char VID_NATT_00[];
  392 extern const unsigned char VID_NATT_01[];
  393 extern const unsigned char VID_NATT_02[];
  394 extern const unsigned char VID_NATT_02N[];
  395 extern const unsigned char VID_NATT_RFC[];
  396 
  397 /* Support for draft-ietf-ipsec-isakmp-mode-cfg-05.txt (yuk).  */
  398 enum isakmp_modecfg_cfg_enum {
  399     ISAKMP_MODECFG_CFG_REQUEST = 1,
  400     ISAKMP_MODECFG_CFG_REPLY,
  401     ISAKMP_MODECFG_CFG_SET,
  402     ISAKMP_MODECFG_CFG_ACK
  403 };
  404 
  405 enum isakmp_modecfg_attrib_enum {
  406     ISAKMP_MODECFG_ATTRIB_INTERNAL_IP4_ADDRESS = 1,
  407     ISAKMP_MODECFG_ATTRIB_INTERNAL_IP4_NETMASK,
  408     ISAKMP_MODECFG_ATTRIB_INTERNAL_IP4_DNS,
  409     ISAKMP_MODECFG_ATTRIB_INTERNAL_IP4_NBNS,
  410     ISAKMP_MODECFG_ATTRIB_INTERNAL_ADDRESS_EXPIRY,
  411     ISAKMP_MODECFG_ATTRIB_INTERNAL_IP4_DHCP,
  412     ISAKMP_MODECFG_ATTRIB_APPLICATION_VERSION,
  413     ISAKMP_MODECFG_ATTRIB_INTERNAL_IP6_ADDRESS,
  414     ISAKMP_MODECFG_ATTRIB_INTERNAL_IP6_NETMASK,
  415     ISAKMP_MODECFG_ATTRIB_INTERNAL_IP6_DNS,
  416     ISAKMP_MODECFG_ATTRIB_INTERNAL_IP6_NBNS,
  417     ISAKMP_MODECFG_ATTRIB_INTERNAL_IP6_DHCP,
  418     ISAKMP_MODECFG_ATTRIB_INTERNAL_IP4_SUBNET,
  419     ISAKMP_MODECFG_ATTRIB_SUPPORTED_ATTRIBUTES,
  420     ISAKMP_MODECFG_ATTRIB_INTERNAL_IP6_SUBNET,
  421     ISAKMP_XAUTH_06_ATTRIB_TYPE = 0x4088,
  422     ISAKMP_XAUTH_06_ATTRIB_USER_NAME,
  423     ISAKMP_XAUTH_06_ATTRIB_USER_PASSWORD,
  424     ISAKMP_XAUTH_06_ATTRIB_PASSCODE,
  425     ISAKMP_XAUTH_06_ATTRIB_MESSAGE,
  426     ISAKMP_XAUTH_06_ATTRIB_CHALLENGE,
  427     ISAKMP_XAUTH_06_ATTRIB_DOMAIN,
  428     ISAKMP_XAUTH_06_ATTRIB_STATUS,
  429     ISAKMP_XAUTH_06_ATTRIB_NEXT_PIN,
  430     ISAKMP_XAUTH_06_ATTRIB_ANSWER, /* TYPE .. ANSWER is excluded from dump */
  431     ISAKMP_MODECFG_ATTRIB_CISCO_BANNER = 0x7000,
  432     ISAKMP_MODECFG_ATTRIB_CISCO_SAVE_PW,
  433     ISAKMP_MODECFG_ATTRIB_CISCO_DEF_DOMAIN,
  434     ISAKMP_MODECFG_ATTRIB_CISCO_SPLIT_DNS,
  435     ISAKMP_MODECFG_ATTRIB_CISCO_SPLIT_INC,
  436     ISAKMP_MODECFG_ATTRIB_CISCO_UDP_ENCAP_PORT,
  437     ISAKMP_MODECFG_ATTRIB_CISCO_UNKNOWN, /* whatever 0x7006 is... */
  438     ISAKMP_MODECFG_ATTRIB_CISCO_DO_PFS,
  439     ISAKMP_MODECFG_ATTRIB_CISCO_FW_TYPE,
  440     ISAKMP_MODECFG_ATTRIB_CISCO_BACKUP_SERVER,
  441     ISAKMP_MODECFG_ATTRIB_CISCO_DDNS_HOSTNAME,
  442     ISAKMP_XAUTH_ATTRIB_CISCOEXT_VENDOR = 0x7d88 /* strange cisco things ... need docs! */
  443 };
  444 
  445 #endif