471 lines
15 KiB
C
471 lines
15 KiB
C
/*
|
|
* Copyright (C) 2013 Realtek Semiconductor Corp.
|
|
* All Rights Reserved.
|
|
*
|
|
* Unless you and Realtek execute a separate written software license
|
|
* agreement governing use of this software, this software is licensed
|
|
* to you under the terms of the GNU General Public License version 2,
|
|
* available at https://www.gnu.org/licenses/old-licenses/gpl-2.0.txt
|
|
*
|
|
* Purpose : RTL8367/RTL8367C switch high-level API
|
|
*
|
|
* Feature : The file includes 1X module high-layer API definition
|
|
*
|
|
*/
|
|
|
|
#ifndef __RTK_API_DOT1X_H__
|
|
#define __RTK_API_DOT1X_H__
|
|
|
|
|
|
/* Type of port-based dot1x auth/unauth*/
|
|
typedef enum rtk_dot1x_auth_status_e
|
|
{
|
|
UNAUTH = 0,
|
|
AUTH,
|
|
AUTH_STATUS_END
|
|
} rtk_dot1x_auth_status_t;
|
|
|
|
typedef enum rtk_dot1x_direction_e
|
|
{
|
|
DIR_BOTH = 0,
|
|
DIR_IN,
|
|
DIRECTION_END
|
|
} rtk_dot1x_direction_t;
|
|
|
|
/* unauth pkt action */
|
|
typedef enum rtk_dot1x_unauth_action_e
|
|
{
|
|
DOT1X_ACTION_DROP = 0,
|
|
DOT1X_ACTION_TRAP2CPU,
|
|
DOT1X_ACTION_GUESTVLAN,
|
|
DOT1X_ACTION_END
|
|
} rtk_dot1x_unauth_action_t;
|
|
|
|
/* Function Name:
|
|
* rtk_dot1x_unauthPacketOper_set
|
|
* Description:
|
|
* Set 802.1x unauth action configuration.
|
|
* Input:
|
|
* port - Port id.
|
|
* unauth_action - 802.1X unauth action.
|
|
* Output:
|
|
* None
|
|
* Return:
|
|
* RT_ERR_OK - OK
|
|
* RT_ERR_FAILED - Failed
|
|
* RT_ERR_SMI - SMI access error
|
|
* RT_ERR_PORT_ID - Invalid port number.
|
|
* RT_ERR_INPUT - Invalid input parameter.
|
|
* Note:
|
|
* This API can set 802.1x unauth action configuration.
|
|
* The unauth action is as following:
|
|
* - DOT1X_ACTION_DROP
|
|
* - DOT1X_ACTION_TRAP2CPU
|
|
* - DOT1X_ACTION_GUESTVLAN
|
|
*/
|
|
extern rtk_api_ret_t rtk_dot1x_unauthPacketOper_set(rtk_port_t port, rtk_dot1x_unauth_action_t unauth_action);
|
|
|
|
/* Function Name:
|
|
* rtk_dot1x_unauthPacketOper_get
|
|
* Description:
|
|
* Get 802.1x unauth action configuration.
|
|
* Input:
|
|
* port - Port id.
|
|
* Output:
|
|
* pUnauth_action - 802.1X unauth action.
|
|
* Return:
|
|
* RT_ERR_OK - OK
|
|
* RT_ERR_FAILED - Failed
|
|
* RT_ERR_SMI - SMI access error
|
|
* RT_ERR_INPUT - Invalid input parameters.
|
|
* RT_ERR_PORT_ID - Invalid port number.
|
|
* Note:
|
|
* This API can get 802.1x unauth action configuration.
|
|
* The unauth action is as following:
|
|
* - DOT1X_ACTION_DROP
|
|
* - DOT1X_ACTION_TRAP2CPU
|
|
* - DOT1X_ACTION_GUESTVLAN
|
|
*/
|
|
extern rtk_api_ret_t rtk_dot1x_unauthPacketOper_get(rtk_port_t port, rtk_dot1x_unauth_action_t *pUnauth_action);
|
|
|
|
/* Function Name:
|
|
* rtk_dot1x_eapolFrame2CpuEnable_set
|
|
* Description:
|
|
* Set 802.1x EAPOL packet trap to CPU configuration
|
|
* Input:
|
|
* enable - The status of 802.1x EAPOL packet.
|
|
* Output:
|
|
* None
|
|
* Return:
|
|
* RT_ERR_OK - OK
|
|
* RT_ERR_FAILED - Failed
|
|
* RT_ERR_SMI - SMI access error
|
|
* RT_ERR_ENABLE - Invalid enable input.
|
|
* Note:
|
|
* To support 802.1x authentication functionality, EAPOL frame (ether type = 0x888E) has to
|
|
* be trapped to CPU.
|
|
* The status of EAPOL frame trap to CPU is as following:
|
|
* - DISABLED
|
|
* - ENABLED
|
|
*/
|
|
extern rtk_api_ret_t rtk_dot1x_eapolFrame2CpuEnable_set(rtk_enable_t enable);
|
|
|
|
/* Function Name:
|
|
* rtk_dot1x_eapolFrame2CpuEnable_get
|
|
* Description:
|
|
* Get 802.1x EAPOL packet trap to CPU configuration
|
|
* Input:
|
|
* None
|
|
* Output:
|
|
* pEnable - The status of 802.1x EAPOL packet.
|
|
* Return:
|
|
* RT_ERR_OK - OK
|
|
* RT_ERR_FAILED - Failed
|
|
* RT_ERR_SMI - SMI access error
|
|
* RT_ERR_INPUT - Invalid input parameters.
|
|
* Note:
|
|
* To support 802.1x authentication functionality, EAPOL frame (ether type = 0x888E) has to
|
|
* be trapped to CPU.
|
|
* The status of EAPOL frame trap to CPU is as following:
|
|
* - DISABLED
|
|
* - ENABLED
|
|
*/
|
|
extern rtk_api_ret_t rtk_dot1x_eapolFrame2CpuEnable_get(rtk_enable_t *pEnable);
|
|
|
|
/* Function Name:
|
|
* rtk_dot1x_portBasedEnable_set
|
|
* Description:
|
|
* Set 802.1x port-based enable configuration
|
|
* Input:
|
|
* port - Port id.
|
|
* enable - The status of 802.1x port.
|
|
* Output:
|
|
* None
|
|
* Return:
|
|
* RT_ERR_OK - OK
|
|
* RT_ERR_FAILED - Failed
|
|
* RT_ERR_SMI - SMI access error
|
|
* RT_ERR_PORT_ID - Invalid port number.
|
|
* RT_ERR_ENABLE - Invalid enable input.
|
|
* RT_ERR_DOT1X_PORTBASEDPNEN - 802.1X port-based enable error
|
|
* Note:
|
|
* The API can update the port-based port enable register content. If a port is 802.1x
|
|
* port based network access control "enabled", it should be authenticated so packets
|
|
* from that port won't be dropped or trapped to CPU.
|
|
* The status of 802.1x port-based network access control is as following:
|
|
* - DISABLED
|
|
* - ENABLED
|
|
*/
|
|
extern rtk_api_ret_t rtk_dot1x_portBasedEnable_set(rtk_port_t port, rtk_enable_t enable);
|
|
|
|
/* Function Name:
|
|
* rtk_dot1x_portBasedEnable_get
|
|
* Description:
|
|
* Get 802.1x port-based enable configuration
|
|
* Input:
|
|
* port - Port id.
|
|
* Output:
|
|
* pEnable - The status of 802.1x port.
|
|
* Return:
|
|
* RT_ERR_OK - OK
|
|
* RT_ERR_FAILED - Failed
|
|
* RT_ERR_SMI - SMI access error
|
|
* RT_ERR_INPUT - Invalid input parameters.
|
|
* RT_ERR_PORT_ID - Invalid port number.
|
|
* Note:
|
|
* The API can get the 802.1x port-based port status.
|
|
*/
|
|
extern rtk_api_ret_t rtk_dot1x_portBasedEnable_get(rtk_port_t port, rtk_enable_t *pEnable);
|
|
|
|
/* Function Name:
|
|
* rtk_dot1x_portBasedAuthStatus_set
|
|
* Description:
|
|
* Set 802.1x port-based auth. port configuration
|
|
* Input:
|
|
* port - Port id.
|
|
* port_auth - The status of 802.1x port.
|
|
* Output:
|
|
* None
|
|
* Return:
|
|
* RT_ERR_OK - OK
|
|
* RT_ERR_FAILED - Failed
|
|
* RT_ERR_SMI - SMI access error
|
|
* RT_ERR_PORT_ID - Invalid port number.
|
|
* RT_ERR_DOT1X_PORTBASEDAUTH - 802.1X port-based auth error
|
|
* Note:
|
|
* The authenticated status of 802.1x port-based network access control is as following:
|
|
* - UNAUTH
|
|
* - AUTH
|
|
*/
|
|
extern rtk_api_ret_t rtk_dot1x_portBasedAuthStatus_set(rtk_port_t port, rtk_dot1x_auth_status_t port_auth);
|
|
|
|
/* Function Name:
|
|
* rtk_dot1x_portBasedAuthStatus_get
|
|
* Description:
|
|
* Get 802.1x port-based auth. port configuration
|
|
* Input:
|
|
* port - Port id.
|
|
* Output:
|
|
* pPort_auth - The status of 802.1x port.
|
|
* Return:
|
|
* RT_ERR_OK - OK
|
|
* RT_ERR_FAILED - Failed
|
|
* RT_ERR_SMI - SMI access error
|
|
* RT_ERR_INPUT - Invalid input parameters.
|
|
* RT_ERR_PORT_ID - Invalid port number.
|
|
* Note:
|
|
* The API can get 802.1x port-based port auth.information.
|
|
*/
|
|
extern rtk_api_ret_t rtk_dot1x_portBasedAuthStatus_get(rtk_port_t port, rtk_dot1x_auth_status_t *pPort_auth);
|
|
|
|
/* Function Name:
|
|
* rtk_dot1x_portBasedDirection_set
|
|
* Description:
|
|
* Set 802.1x port-based operational direction configuration
|
|
* Input:
|
|
* port - Port id.
|
|
* port_direction - Operation direction
|
|
* Output:
|
|
* None
|
|
* Return:
|
|
* RT_ERR_OK - OK
|
|
* RT_ERR_FAILED - Failed
|
|
* RT_ERR_SMI - SMI access error
|
|
* RT_ERR_PORT_ID - Invalid port number.
|
|
* RT_ERR_DOT1X_PORTBASEDOPDIR - 802.1X port-based operation direction error
|
|
* Note:
|
|
* The operate controlled direction of 802.1x port-based network access control is as following:
|
|
* - BOTH
|
|
* - IN
|
|
*/
|
|
extern rtk_api_ret_t rtk_dot1x_portBasedDirection_set(rtk_port_t port, rtk_dot1x_direction_t port_direction);
|
|
|
|
/* Function Name:
|
|
* rtk_dot1x_portBasedDirection_get
|
|
* Description:
|
|
* Get 802.1X port-based operational direction configuration
|
|
* Input:
|
|
* port - Port id.
|
|
* Output:
|
|
* pPort_direction - Operation direction
|
|
* Return:
|
|
* RT_ERR_OK - OK
|
|
* RT_ERR_FAILED - Failed
|
|
* RT_ERR_SMI - SMI access error
|
|
* RT_ERR_INPUT - Invalid input parameters.
|
|
* RT_ERR_PORT_ID - Invalid port number.
|
|
* Note:
|
|
* The API can get 802.1x port-based operational direction information.
|
|
*/
|
|
extern rtk_api_ret_t rtk_dot1x_portBasedDirection_get(rtk_port_t port, rtk_dot1x_direction_t *pPort_direction);
|
|
|
|
/* Function Name:
|
|
* rtk_dot1x_macBasedEnable_set
|
|
* Description:
|
|
* Set 802.1x mac-based port enable configuration
|
|
* Input:
|
|
* port - Port id.
|
|
* enable - The status of 802.1x port.
|
|
* Output:
|
|
* None
|
|
* Return:
|
|
* RT_ERR_OK - OK
|
|
* RT_ERR_FAILED - Failed
|
|
* RT_ERR_SMI - SMI access error
|
|
* RT_ERR_PORT_ID - Invalid port number.
|
|
* RT_ERR_ENABLE - Invalid enable input.
|
|
* RT_ERR_DOT1X_MACBASEDPNEN - 802.1X mac-based enable error
|
|
* Note:
|
|
* If a port is 802.1x MAC based network access control "enabled", the incoming packets should
|
|
* be authenticated so packets from that port won't be dropped or trapped to CPU.
|
|
* The status of 802.1x MAC-based network access control is as following:
|
|
* - DISABLED
|
|
* - ENABLED
|
|
*/
|
|
extern rtk_api_ret_t rtk_dot1x_macBasedEnable_set(rtk_port_t port, rtk_enable_t enable);
|
|
|
|
/* Function Name:
|
|
* rtk_dot1x_macBasedEnable_get
|
|
* Description:
|
|
* Get 802.1x mac-based port enable configuration
|
|
* Input:
|
|
* port - Port id.
|
|
* Output:
|
|
* pEnable - The status of 802.1x port.
|
|
* Return:
|
|
* RT_ERR_OK - OK
|
|
* RT_ERR_FAILED - Failed
|
|
* RT_ERR_SMI - SMI access error
|
|
* RT_ERR_INPUT - Invalid input parameters.
|
|
* RT_ERR_PORT_ID - Invalid port number.
|
|
* Note:
|
|
* If a port is 802.1x MAC based network access control "enabled", the incoming packets should
|
|
* be authenticated so packets from that port wont be dropped or trapped to CPU.
|
|
* The status of 802.1x MAC-based network access control is as following:
|
|
* - DISABLED
|
|
* - ENABLED
|
|
*/
|
|
extern rtk_api_ret_t rtk_dot1x_macBasedEnable_get(rtk_port_t port, rtk_enable_t *pEnable);
|
|
|
|
/* Function Name:
|
|
* rtk_dot1x_macBasedAuthMac_add
|
|
* Description:
|
|
* Add an authenticated MAC to ASIC
|
|
* Input:
|
|
* port - Port id.
|
|
* pAuth_mac - The authenticated MAC.
|
|
* fid - filtering database.
|
|
* Output:
|
|
* None
|
|
* Return:
|
|
* RT_ERR_OK - OK
|
|
* RT_ERR_FAILED - Failed
|
|
* RT_ERR_SMI - SMI access error
|
|
* RT_ERR_PORT_ID - Invalid port number.
|
|
* RT_ERR_ENABLE - Invalid enable input.
|
|
* RT_ERR_DOT1X_MACBASEDPNEN - 802.1X mac-based enable error
|
|
* Note:
|
|
* The API can add a 802.1x authenticated MAC address to port. If the MAC does not exist in LUT,
|
|
* user can't add this MAC to auth status.
|
|
*/
|
|
extern rtk_api_ret_t rtk_dot1x_macBasedAuthMac_add(rtk_port_t port, rtk_mac_t *pAuth_mac, rtk_fid_t fid);
|
|
|
|
/* Function Name:
|
|
* rtk_dot1x_macBasedAuthMac_del
|
|
* Description:
|
|
* Delete an authenticated MAC to ASIC
|
|
* Input:
|
|
* port - Port id.
|
|
* pAuth_mac - The authenticated MAC.
|
|
* fid - filtering database.
|
|
* Output:
|
|
* None
|
|
* Return:
|
|
* RT_ERR_OK - OK
|
|
* RT_ERR_FAILED - Failed
|
|
* RT_ERR_SMI - SMI access error
|
|
* RT_ERR_MAC - Invalid MAC address.
|
|
* RT_ERR_PORT_ID - Invalid port number.
|
|
* Note:
|
|
* The API can delete a 802.1x authenticated MAC address to port. It only change the auth status of
|
|
* the MAC and won't delete it from LUT.
|
|
*/
|
|
extern rtk_api_ret_t rtk_dot1x_macBasedAuthMac_del(rtk_port_t port, rtk_mac_t *pAuth_mac, rtk_fid_t fid);
|
|
|
|
/* Function Name:
|
|
* rtk_dot1x_macBasedDirection_set
|
|
* Description:
|
|
* Set 802.1x mac-based operational direction configuration
|
|
* Input:
|
|
* mac_direction - Operation direction
|
|
* Output:
|
|
* None
|
|
* Return:
|
|
* RT_ERR_OK - OK
|
|
* RT_ERR_FAILED - Failed
|
|
* RT_ERR_SMI - SMI access error
|
|
* RT_ERR_INPUT - Invalid input parameter.
|
|
* RT_ERR_DOT1X_MACBASEDOPDIR - 802.1X mac-based operation direction error
|
|
* Note:
|
|
* The operate controlled direction of 802.1x mac-based network access control is as following:
|
|
* - BOTH
|
|
* - IN
|
|
*/
|
|
extern rtk_api_ret_t rtk_dot1x_macBasedDirection_set(rtk_dot1x_direction_t mac_direction);
|
|
|
|
/* Function Name:
|
|
* rtk_dot1x_macBasedDirection_get
|
|
* Description:
|
|
* Get 802.1x mac-based operational direction configuration
|
|
* Input:
|
|
* port - Port id.
|
|
* Output:
|
|
* pMac_direction - Operation direction
|
|
* Return:
|
|
* RT_ERR_OK - OK
|
|
* RT_ERR_FAILED - Failed
|
|
* RT_ERR_SMI - SMI access error
|
|
* RT_ERR_INPUT - Invalid input parameters.
|
|
* Note:
|
|
* The API can get 802.1x mac-based operational direction information.
|
|
*/
|
|
extern rtk_api_ret_t rtk_dot1x_macBasedDirection_get(rtk_dot1x_direction_t *pMac_direction);
|
|
|
|
/* Function Name:
|
|
* Set 802.1x guest VLAN configuration
|
|
* Description:
|
|
* Set 802.1x mac-based operational direction configuration
|
|
* Input:
|
|
* vid - 802.1x guest VLAN ID
|
|
* Output:
|
|
* None
|
|
* Return:
|
|
* RT_ERR_OK - OK
|
|
* RT_ERR_FAILED - Failed
|
|
* RT_ERR_SMI - SMI access error
|
|
* RT_ERR_INPUT - Invalid input parameter.
|
|
* Note:
|
|
* The operate controlled 802.1x guest VLAN
|
|
*/
|
|
extern rtk_api_ret_t rtk_dot1x_guestVlan_set(rtk_vlan_t vid);
|
|
|
|
/* Function Name:
|
|
* rtk_dot1x_guestVlan_get
|
|
* Description:
|
|
* Get 802.1x guest VLAN configuration
|
|
* Input:
|
|
* None
|
|
* Output:
|
|
* pVid - 802.1x guest VLAN ID
|
|
* Return:
|
|
* RT_ERR_OK - OK
|
|
* RT_ERR_FAILED - Failed
|
|
* RT_ERR_SMI - SMI access error
|
|
* RT_ERR_INPUT - Invalid input parameters.
|
|
* Note:
|
|
* The API can get 802.1x guest VLAN information.
|
|
*/
|
|
extern rtk_api_ret_t rtk_dot1x_guestVlan_get(rtk_vlan_t *pVid);
|
|
|
|
/* Function Name:
|
|
* rtk_dot1x_guestVlan2Auth_set
|
|
* Description:
|
|
* Set 802.1x guest VLAN to auth host configuration
|
|
* Input:
|
|
* enable - The status of guest VLAN to auth host.
|
|
* Output:
|
|
* None
|
|
* Return:
|
|
* RT_ERR_OK - OK
|
|
* RT_ERR_FAILED - Failed
|
|
* RT_ERR_SMI - SMI access error
|
|
* RT_ERR_INPUT - Invalid input parameter.
|
|
* Note:
|
|
* The operational direction of 802.1x guest VLAN to auth host control is as following:
|
|
* - ENABLED
|
|
* - DISABLED
|
|
*/
|
|
extern rtk_api_ret_t rtk_dot1x_guestVlan2Auth_set(rtk_enable_t enable);
|
|
|
|
/* Function Name:
|
|
* rtk_dot1x_guestVlan2Auth_get
|
|
* Description:
|
|
* Get 802.1x guest VLAN to auth host configuration
|
|
* Input:
|
|
* None
|
|
* Output:
|
|
* pEnable - The status of guest VLAN to auth host.
|
|
* Return:
|
|
* RT_ERR_OK - OK
|
|
* RT_ERR_FAILED - Failed
|
|
* RT_ERR_SMI - SMI access error
|
|
* RT_ERR_INPUT - Invalid input parameters.
|
|
* Note:
|
|
* The API can get 802.1x guest VLAN to auth host information.
|
|
*/
|
|
extern rtk_api_ret_t rtk_dot1x_guestVlan2Auth_get(rtk_enable_t *pEnable);
|
|
|
|
|
|
#endif /* __RTK_API_DOT1X_H__ */
|
|
|