/* * Copyright (C) 2013 Realtek Semiconductor Corp. * All Rights Reserved. * * Unless you and Realtek execute a separate written software license * agreement governing use of this software, this software is licensed * to you under the terms of the GNU General Public License version 2, * available at https://www.gnu.org/licenses/old-licenses/gpl-2.0.txt * * Purpose : RTL8367/RTL8367C switch high-level API * * Feature : The file includes 1X module high-layer API definition * */ #ifndef __RTK_API_DOT1X_H__ #define __RTK_API_DOT1X_H__ /* Type of port-based dot1x auth/unauth*/ typedef enum rtk_dot1x_auth_status_e { UNAUTH = 0, AUTH, AUTH_STATUS_END } rtk_dot1x_auth_status_t; typedef enum rtk_dot1x_direction_e { DIR_BOTH = 0, DIR_IN, DIRECTION_END } rtk_dot1x_direction_t; /* unauth pkt action */ typedef enum rtk_dot1x_unauth_action_e { DOT1X_ACTION_DROP = 0, DOT1X_ACTION_TRAP2CPU, DOT1X_ACTION_GUESTVLAN, DOT1X_ACTION_END } rtk_dot1x_unauth_action_t; /* Function Name: * rtk_dot1x_unauthPacketOper_set * Description: * Set 802.1x unauth action configuration. * Input: * port - Port id. * unauth_action - 802.1X unauth action. * Output: * None * Return: * RT_ERR_OK - OK * RT_ERR_FAILED - Failed * RT_ERR_SMI - SMI access error * RT_ERR_PORT_ID - Invalid port number. * RT_ERR_INPUT - Invalid input parameter. * Note: * This API can set 802.1x unauth action configuration. * The unauth action is as following: * - DOT1X_ACTION_DROP * - DOT1X_ACTION_TRAP2CPU * - DOT1X_ACTION_GUESTVLAN */ extern rtk_api_ret_t rtk_dot1x_unauthPacketOper_set(rtk_port_t port, rtk_dot1x_unauth_action_t unauth_action); /* Function Name: * rtk_dot1x_unauthPacketOper_get * Description: * Get 802.1x unauth action configuration. * Input: * port - Port id. * Output: * pUnauth_action - 802.1X unauth action. * Return: * RT_ERR_OK - OK * RT_ERR_FAILED - Failed * RT_ERR_SMI - SMI access error * RT_ERR_INPUT - Invalid input parameters. * RT_ERR_PORT_ID - Invalid port number. * Note: * This API can get 802.1x unauth action configuration. * The unauth action is as following: * - DOT1X_ACTION_DROP * - DOT1X_ACTION_TRAP2CPU * - DOT1X_ACTION_GUESTVLAN */ extern rtk_api_ret_t rtk_dot1x_unauthPacketOper_get(rtk_port_t port, rtk_dot1x_unauth_action_t *pUnauth_action); /* Function Name: * rtk_dot1x_eapolFrame2CpuEnable_set * Description: * Set 802.1x EAPOL packet trap to CPU configuration * Input: * enable - The status of 802.1x EAPOL packet. * Output: * None * Return: * RT_ERR_OK - OK * RT_ERR_FAILED - Failed * RT_ERR_SMI - SMI access error * RT_ERR_ENABLE - Invalid enable input. * Note: * To support 802.1x authentication functionality, EAPOL frame (ether type = 0x888E) has to * be trapped to CPU. * The status of EAPOL frame trap to CPU is as following: * - DISABLED * - ENABLED */ extern rtk_api_ret_t rtk_dot1x_eapolFrame2CpuEnable_set(rtk_enable_t enable); /* Function Name: * rtk_dot1x_eapolFrame2CpuEnable_get * Description: * Get 802.1x EAPOL packet trap to CPU configuration * Input: * None * Output: * pEnable - The status of 802.1x EAPOL packet. * Return: * RT_ERR_OK - OK * RT_ERR_FAILED - Failed * RT_ERR_SMI - SMI access error * RT_ERR_INPUT - Invalid input parameters. * Note: * To support 802.1x authentication functionality, EAPOL frame (ether type = 0x888E) has to * be trapped to CPU. * The status of EAPOL frame trap to CPU is as following: * - DISABLED * - ENABLED */ extern rtk_api_ret_t rtk_dot1x_eapolFrame2CpuEnable_get(rtk_enable_t *pEnable); /* Function Name: * rtk_dot1x_portBasedEnable_set * Description: * Set 802.1x port-based enable configuration * Input: * port - Port id. * enable - The status of 802.1x port. * Output: * None * Return: * RT_ERR_OK - OK * RT_ERR_FAILED - Failed * RT_ERR_SMI - SMI access error * RT_ERR_PORT_ID - Invalid port number. * RT_ERR_ENABLE - Invalid enable input. * RT_ERR_DOT1X_PORTBASEDPNEN - 802.1X port-based enable error * Note: * The API can update the port-based port enable register content. If a port is 802.1x * port based network access control "enabled", it should be authenticated so packets * from that port won't be dropped or trapped to CPU. * The status of 802.1x port-based network access control is as following: * - DISABLED * - ENABLED */ extern rtk_api_ret_t rtk_dot1x_portBasedEnable_set(rtk_port_t port, rtk_enable_t enable); /* Function Name: * rtk_dot1x_portBasedEnable_get * Description: * Get 802.1x port-based enable configuration * Input: * port - Port id. * Output: * pEnable - The status of 802.1x port. * Return: * RT_ERR_OK - OK * RT_ERR_FAILED - Failed * RT_ERR_SMI - SMI access error * RT_ERR_INPUT - Invalid input parameters. * RT_ERR_PORT_ID - Invalid port number. * Note: * The API can get the 802.1x port-based port status. */ extern rtk_api_ret_t rtk_dot1x_portBasedEnable_get(rtk_port_t port, rtk_enable_t *pEnable); /* Function Name: * rtk_dot1x_portBasedAuthStatus_set * Description: * Set 802.1x port-based auth. port configuration * Input: * port - Port id. * port_auth - The status of 802.1x port. * Output: * None * Return: * RT_ERR_OK - OK * RT_ERR_FAILED - Failed * RT_ERR_SMI - SMI access error * RT_ERR_PORT_ID - Invalid port number. * RT_ERR_DOT1X_PORTBASEDAUTH - 802.1X port-based auth error * Note: * The authenticated status of 802.1x port-based network access control is as following: * - UNAUTH * - AUTH */ extern rtk_api_ret_t rtk_dot1x_portBasedAuthStatus_set(rtk_port_t port, rtk_dot1x_auth_status_t port_auth); /* Function Name: * rtk_dot1x_portBasedAuthStatus_get * Description: * Get 802.1x port-based auth. port configuration * Input: * port - Port id. * Output: * pPort_auth - The status of 802.1x port. * Return: * RT_ERR_OK - OK * RT_ERR_FAILED - Failed * RT_ERR_SMI - SMI access error * RT_ERR_INPUT - Invalid input parameters. * RT_ERR_PORT_ID - Invalid port number. * Note: * The API can get 802.1x port-based port auth.information. */ extern rtk_api_ret_t rtk_dot1x_portBasedAuthStatus_get(rtk_port_t port, rtk_dot1x_auth_status_t *pPort_auth); /* Function Name: * rtk_dot1x_portBasedDirection_set * Description: * Set 802.1x port-based operational direction configuration * Input: * port - Port id. * port_direction - Operation direction * Output: * None * Return: * RT_ERR_OK - OK * RT_ERR_FAILED - Failed * RT_ERR_SMI - SMI access error * RT_ERR_PORT_ID - Invalid port number. * RT_ERR_DOT1X_PORTBASEDOPDIR - 802.1X port-based operation direction error * Note: * The operate controlled direction of 802.1x port-based network access control is as following: * - BOTH * - IN */ extern rtk_api_ret_t rtk_dot1x_portBasedDirection_set(rtk_port_t port, rtk_dot1x_direction_t port_direction); /* Function Name: * rtk_dot1x_portBasedDirection_get * Description: * Get 802.1X port-based operational direction configuration * Input: * port - Port id. * Output: * pPort_direction - Operation direction * Return: * RT_ERR_OK - OK * RT_ERR_FAILED - Failed * RT_ERR_SMI - SMI access error * RT_ERR_INPUT - Invalid input parameters. * RT_ERR_PORT_ID - Invalid port number. * Note: * The API can get 802.1x port-based operational direction information. */ extern rtk_api_ret_t rtk_dot1x_portBasedDirection_get(rtk_port_t port, rtk_dot1x_direction_t *pPort_direction); /* Function Name: * rtk_dot1x_macBasedEnable_set * Description: * Set 802.1x mac-based port enable configuration * Input: * port - Port id. * enable - The status of 802.1x port. * Output: * None * Return: * RT_ERR_OK - OK * RT_ERR_FAILED - Failed * RT_ERR_SMI - SMI access error * RT_ERR_PORT_ID - Invalid port number. * RT_ERR_ENABLE - Invalid enable input. * RT_ERR_DOT1X_MACBASEDPNEN - 802.1X mac-based enable error * Note: * If a port is 802.1x MAC based network access control "enabled", the incoming packets should * be authenticated so packets from that port won't be dropped or trapped to CPU. * The status of 802.1x MAC-based network access control is as following: * - DISABLED * - ENABLED */ extern rtk_api_ret_t rtk_dot1x_macBasedEnable_set(rtk_port_t port, rtk_enable_t enable); /* Function Name: * rtk_dot1x_macBasedEnable_get * Description: * Get 802.1x mac-based port enable configuration * Input: * port - Port id. * Output: * pEnable - The status of 802.1x port. * Return: * RT_ERR_OK - OK * RT_ERR_FAILED - Failed * RT_ERR_SMI - SMI access error * RT_ERR_INPUT - Invalid input parameters. * RT_ERR_PORT_ID - Invalid port number. * Note: * If a port is 802.1x MAC based network access control "enabled", the incoming packets should * be authenticated so packets from that port wont be dropped or trapped to CPU. * The status of 802.1x MAC-based network access control is as following: * - DISABLED * - ENABLED */ extern rtk_api_ret_t rtk_dot1x_macBasedEnable_get(rtk_port_t port, rtk_enable_t *pEnable); /* Function Name: * rtk_dot1x_macBasedAuthMac_add * Description: * Add an authenticated MAC to ASIC * Input: * port - Port id. * pAuth_mac - The authenticated MAC. * fid - filtering database. * Output: * None * Return: * RT_ERR_OK - OK * RT_ERR_FAILED - Failed * RT_ERR_SMI - SMI access error * RT_ERR_PORT_ID - Invalid port number. * RT_ERR_ENABLE - Invalid enable input. * RT_ERR_DOT1X_MACBASEDPNEN - 802.1X mac-based enable error * Note: * The API can add a 802.1x authenticated MAC address to port. If the MAC does not exist in LUT, * user can't add this MAC to auth status. */ extern rtk_api_ret_t rtk_dot1x_macBasedAuthMac_add(rtk_port_t port, rtk_mac_t *pAuth_mac, rtk_fid_t fid); /* Function Name: * rtk_dot1x_macBasedAuthMac_del * Description: * Delete an authenticated MAC to ASIC * Input: * port - Port id. * pAuth_mac - The authenticated MAC. * fid - filtering database. * Output: * None * Return: * RT_ERR_OK - OK * RT_ERR_FAILED - Failed * RT_ERR_SMI - SMI access error * RT_ERR_MAC - Invalid MAC address. * RT_ERR_PORT_ID - Invalid port number. * Note: * The API can delete a 802.1x authenticated MAC address to port. It only change the auth status of * the MAC and won't delete it from LUT. */ extern rtk_api_ret_t rtk_dot1x_macBasedAuthMac_del(rtk_port_t port, rtk_mac_t *pAuth_mac, rtk_fid_t fid); /* Function Name: * rtk_dot1x_macBasedDirection_set * Description: * Set 802.1x mac-based operational direction configuration * Input: * mac_direction - Operation direction * Output: * None * Return: * RT_ERR_OK - OK * RT_ERR_FAILED - Failed * RT_ERR_SMI - SMI access error * RT_ERR_INPUT - Invalid input parameter. * RT_ERR_DOT1X_MACBASEDOPDIR - 802.1X mac-based operation direction error * Note: * The operate controlled direction of 802.1x mac-based network access control is as following: * - BOTH * - IN */ extern rtk_api_ret_t rtk_dot1x_macBasedDirection_set(rtk_dot1x_direction_t mac_direction); /* Function Name: * rtk_dot1x_macBasedDirection_get * Description: * Get 802.1x mac-based operational direction configuration * Input: * port - Port id. * Output: * pMac_direction - Operation direction * Return: * RT_ERR_OK - OK * RT_ERR_FAILED - Failed * RT_ERR_SMI - SMI access error * RT_ERR_INPUT - Invalid input parameters. * Note: * The API can get 802.1x mac-based operational direction information. */ extern rtk_api_ret_t rtk_dot1x_macBasedDirection_get(rtk_dot1x_direction_t *pMac_direction); /* Function Name: * Set 802.1x guest VLAN configuration * Description: * Set 802.1x mac-based operational direction configuration * Input: * vid - 802.1x guest VLAN ID * Output: * None * Return: * RT_ERR_OK - OK * RT_ERR_FAILED - Failed * RT_ERR_SMI - SMI access error * RT_ERR_INPUT - Invalid input parameter. * Note: * The operate controlled 802.1x guest VLAN */ extern rtk_api_ret_t rtk_dot1x_guestVlan_set(rtk_vlan_t vid); /* Function Name: * rtk_dot1x_guestVlan_get * Description: * Get 802.1x guest VLAN configuration * Input: * None * Output: * pVid - 802.1x guest VLAN ID * Return: * RT_ERR_OK - OK * RT_ERR_FAILED - Failed * RT_ERR_SMI - SMI access error * RT_ERR_INPUT - Invalid input parameters. * Note: * The API can get 802.1x guest VLAN information. */ extern rtk_api_ret_t rtk_dot1x_guestVlan_get(rtk_vlan_t *pVid); /* Function Name: * rtk_dot1x_guestVlan2Auth_set * Description: * Set 802.1x guest VLAN to auth host configuration * Input: * enable - The status of guest VLAN to auth host. * Output: * None * Return: * RT_ERR_OK - OK * RT_ERR_FAILED - Failed * RT_ERR_SMI - SMI access error * RT_ERR_INPUT - Invalid input parameter. * Note: * The operational direction of 802.1x guest VLAN to auth host control is as following: * - ENABLED * - DISABLED */ extern rtk_api_ret_t rtk_dot1x_guestVlan2Auth_set(rtk_enable_t enable); /* Function Name: * rtk_dot1x_guestVlan2Auth_get * Description: * Get 802.1x guest VLAN to auth host configuration * Input: * None * Output: * pEnable - The status of guest VLAN to auth host. * Return: * RT_ERR_OK - OK * RT_ERR_FAILED - Failed * RT_ERR_SMI - SMI access error * RT_ERR_INPUT - Invalid input parameters. * Note: * The API can get 802.1x guest VLAN to auth host information. */ extern rtk_api_ret_t rtk_dot1x_guestVlan2Auth_get(rtk_enable_t *pEnable); #endif /* __RTK_API_DOT1X_H__ */