# -*- mode: Outline; fill-column: 78; fill-prefix: " " -*- # # klips2-design-legend.txt # Richard Guy Briggs # # RCSID $Id: klips2-design-legend.txt,v 1.7 2001/05/29 18:52:12 rgb Exp $ # # This document is a legend of labels and acronyms on the diagram. It # also acts as a very brief glossary to the rest of the klips2-design # documents. Please see klips2-design.txt for an overview. # The first column contains the acronym or label used. It is followed # by the acronym written out in full or a very brief description. KMd-1...n Key Management Daemons 1 to n Routing Routing Table kernel interface Policy SPDB KMd interface seclev Match Packet Security Level (not yet implemented in Linux) SADDR Match Packet Source Address DADDR Match Packet Destination Address SMASK Match Packet Source Address Network Mask DMASK Match Packet Destination Address Network Mask SPORT Match Packet Transport Layer Source Port Number DPORT Match Packet Transport Layer Destination Port Number UID Match Packet User IDentifier SA Security Association SAList Security Association List SAID Security Association IDentifier TDB Tunnel Descriptor Block ESP Encapsulating Security Payload IPSECdev IPSEC virtual tunnel device SADB Security Association DataBase SPDB Security Policy DataBase SPI Security Parameters Index get/set_sockopt get or set socket options DROP Target DROP Packet ACCEPT Target ACCEPT Packet REJECT Target REJECT Packet TRAP Target TRAP Packet HOLD Target HOLD Packet PEEK Target PEEK Packet IPSEC Target IPSEC Packet __..__.. PF_KEYv2 communication path ___.___. User/Kernel Space demarcation