riplib.html

来自「Vxworks API操作系统和驱动程序设计API。压缩的HTML文件」· HTML 代码 · 共 1,386 行 · 第 1/5 页

<hr>
<a name="ripRouteShow"></a>
<p align=right>
<a href="rtnIndex.htm"><i>OS Libraries :  Routines</i></a></p>

</blockquote><h1>ripRouteShow(&nbsp;)</h1> <blockquote></a></blockquote><h4>NAME</h4><blockquote>  
<p><strong>ripRouteShow(&nbsp;)</strong> - display the internal routing table maintained by RIP</p>

</blockquote><h4>SYNOPSIS</h4><blockquote><p>
<pre>void ripRouteShow ()</pre>

</blockquote><h4>DESCRIPTION</h4><blockquote><p>
This routine prints every entry in the local RIP routing table. The
flags displayed below the destination, gateway, and netmask addresses
indicate the current route status. Entries with the <b>RTS_INTERFACE</b> flag
indicate locally generated routes to directly connected networks. 
If <b>RTS_SUBNET</b> is set for an entry, it is subject to border
gateway filtering (if enabled). When <b>RTS_INTERNAL</b> is also present, the 
corresponding entry is an "artificial" route created to supply distant
networks with legitimate destinations if border filtering excludes the
actual entry. Those entries are not copied to the kernel routing table.
The <b>RTS_CHANGED</b> flag marks entries added or modified in the last timer 
interval that will be included in a triggered update. The <b>RTS_OTHER</b> 
flag is set for routes learnt from other sources. The <b>RTS_PRIMARY</b>
flag (set only if the <b>RTS_OTHER</b> flag is also set) indicates that the route
is a primary route, visible to the IP forwarding process. The DOWN flag
indicates that the interface through which the gateway is reachable is
down.
</blockquote><h4>SEE ALSO</h4><blockquote><p>
<b><a href="./ripLib.html#top">ripLib</a></b>

<hr>
<a name="ripIfShow"></a>
<p align=right>
<a href="rtnIndex.htm"><i>OS Libraries :  Routines</i></a></p>

</blockquote><h1>ripIfShow(&nbsp;)</h1> <blockquote></a></blockquote><h4>NAME</h4><blockquote>  
<p><strong>ripIfShow(&nbsp;)</strong> - display the internal interface table maintained by RIP</p>

</blockquote><h4>SYNOPSIS</h4><blockquote><p>
<pre>void ripIfShow (void)</pre>

</blockquote><h4>DESCRIPTION</h4><blockquote><p>
This routine prints every entry in the local RIP interface table. 
The interface name, interface index, the UP/DOWN status and the 
interface address and netmask are displayed.
<p>
</blockquote><h4>RETURNS</h4><blockquote><p>
N/A
<p>
</blockquote><h4>ERRNO</h4><blockquote><p>
N/A
</blockquote><h4>SEE ALSO</h4><blockquote><p>
<b><a href="./ripLib.html#top">ripLib</a></b>

<hr>
<a name="ripAuthHookAdd"></a>
<p align=right>
<a href="rtnIndex.htm"><i>OS Libraries :  Routines</i></a></p>

</blockquote><h1>ripAuthHookAdd(&nbsp;)</h1> <blockquote></a></blockquote><h4>NAME</h4><blockquote>  
<p><strong>ripAuthHookAdd(&nbsp;)</strong> - add an authentication hook to a RIP interface</p>

</blockquote><h4>SYNOPSIS</h4><blockquote><p>
<pre>STATUS ripAuthHookAdd
    (
    char*   pIpAddr,          /* IP address in dotted decimal notation */
    FUNCPTR pAuthHook         /* routine to handle message authentication */
    )
</pre>

</blockquote><h4>DESCRIPTION</h4><blockquote><p>
This routine installs a hook routine to validate incoming RIP messages
for a registered interface given by <i>pIpAddr</i>. (Interfaces created or
changed after a RIP session has started may be installed/updated with the
<b><a href="./ripLib.html#ripIfSearch">ripIfSearch</a>(&nbsp;)</b> and <b><a href="./ripLib.html#ripIfReset">ripIfReset</a>(&nbsp;)</b> routines). The hook is only called if
an SNMP agent enables authentication for the corresponding interface.
It uses the following prototype:
<p>
<pre>    STATUS ripAuthHookRtn (char *pKey, RIP_PKT *pRip);
</pre>
The first argument contains the authentication key for the message
stored in the rip2IfConfAuthKey MIB variable and the second argument 
uses the <b>RIP_PKT</b> structure (defined in <b>rip/ripLib.h</b>) to access the message 
body. The routine must return OK if the message is acceptable, or ERROR 
otherwise. All RIP-2 messages sent to that routine already contain an 
authentication entry, but have not been verified. (Any unauthenticated
RIP-2 messages have already been discarded as required by the RFC 
specification). RIP-1 messages may be accepted or rejected. RIP-2 messages
requesting simple password authentication that match the key are
accepted automatically before the hook is called. The remaining RIP-2
messages either did not match that key or are using an unknown 
authentication type. If any messages are rejected, the MIB-II counters are 
updated appropriately outside of the hook routine.
<p>
The current RIP implementation contains a sample authentication hook that
you may add as follows:
<p>
<pre>    if (ripAuthHookAdd ("90.0.0.1", ripAuthHook) == ERROR)
        logMsg ("Unable to add authorization hook.\n", 0, 0, 0, 0, 0, 0);
</pre>

The sample routine supports only simple password authentication against
the key included in the MIB variable. Since all such messages have already
been accepted, all RIP-2 messages received by the routine are discarded.
All RIP-1 messages are also discarded, so the hook actually has no
effect. The body of that routine is:
<p>
<pre>STATUS ripAuthHook
   (
   char *     pKey,   /* rip2IfConfAuthKey entry from MIB-II family */
   RIP_PKT *  pRip    /* received RIP message */
   )
   {
   if (pRip-&gt;rip_vers == 1)
       {
       /* 
        * The RFC specification recommends, but does not require, rejecting
        @ version 1 packets when authentication is enabled.
        */

       return (ERROR);
       }

   /*
    @ The authentication type field in the RIP message corresponds to
    @ the first two bytes of the sa_data field overlayed on that
    @ message by the sockaddr structure contained within the RIP_PKT 
    @ structure (see rip/ripLib.h).
    */

   if ( (pRip-&gt;rip_nets[0].rip_dst.sa_data[0] != 0) ||
       (pRip-&gt;rip_nets[0].rip_dst.sa_data[1] !=
       M2_rip2IfConfAuthType_simplePassword))
       {
       /* Unrecognized authentication type. */

       return (ERROR);
       }

   /* 
    * Discard version 2 packets requesting simple password authentication
    @ which did not match the MIB variable. 
    */

   return (ERROR);
   }
</pre>

A comparison against a different key could be performed as follows:
<p>
<pre> bzero ( (char *)&amp;key, AUTHKEYLEN);    /* AUTHKEYLEN from rip/m2RipLib.h */

  /*
   @ The start of the authorization key corresponds to the third byte
   @ of the sa_data field in the sockaddr structure overlayed on the
   @ body of the RIP message by the RIP_PKT structure. It continues
   @ for the final 14 bytes of that structure and the first two bytes
   @ of the following rip_metric field.
   */

 bcopy ( (char *)(pRip-&gt;rip_nets[0].rip_dst.sa_data + 2),
        (char *)&amp;key, AUTHKEYLEN);

 if (bcmp ( (char *)key, privateKey, AUTHKEYLEN) != 0)
     {
     /* Key does not match: reject message. */

     return (ERROR);
     }
 return (OK);
</pre>

The <b><a href="./ripLib.html#ripAuthHookDelete">ripAuthHookDelete</a>(&nbsp;)</b> routine will remove the installed function. If
authentication is still enabled for the interface, all incoming messages
that do not use simple password authentication will be rejected until a
routine is provided.
<p>
</blockquote><h4>RETURNS</h4><blockquote><p>
OK, if hook added; or ERROR otherwise.
<p>
</blockquote><h4>ERRNO</h4><blockquote><p>
<p>
&nbsp;<b>S_m2Lib_INVALID_PARAMETER</b><br>
&nbsp;<b>S_m2Lib_ENTRY_NOT_FOUND</b>
</blockquote><h4>SEE ALSO</h4><blockquote><p>
<b><a href="./ripLib.html#top">ripLib</a></b>

<hr>
<a name="ripAuthHookDelete"></a>
<p align=right>
<a href="rtnIndex.htm"><i>OS Libraries :  Routines</i></a></p>

</blockquote><h1>ripAuthHookDelete(&nbsp;)</h1> <blockquote></a></blockquote><h4>NAME</h4><blockquote>  
<p><strong>ripAuthHookDelete(&nbsp;)</strong> - remove an authentication hook from a RIP interface</p>

</blockquote><h4>SYNOPSIS</h4><blockquote><p>
<pre>STATUS ripAuthHookDelete
    (
    char* pIpAddr             /* IP address in dotted decimal notation */
    )
</pre>

</blockquote><h4>DESCRIPTION</h4><blockquote><p>
This routine removes an assigned authentication hook from a registered
interface indicated by <i>pIpAddr</i>. (Interfaces created or changed after 
a RIP session has started may be installed/updated with the <b><a href="./ripLib.html#ripIfSearch">ripIfSearch</a>(&nbsp;)</b> 
and <b><a href="./ripLib.html#ripIfReset">ripIfReset</a>(&nbsp;)</b> routines). If authentication is still enabled for the 
interface, RIP-2 messages using simple password authentication will be
accepted if they match the key in the MIB variable, but all other incoming 
messages will be rejected until a routine is provided.
<p>
</blockquote><h4>RETURNS</h4><blockquote><p>
OK; or ERROR, if the interface could not be found.
<p>
</blockquote><h4>ERRNO</h4><blockquote><p>
<p>
&nbsp;<b>S_m2Lib_INVALID_PARAMETER</b><br>
&nbsp;<b>S_m2Lib_ENTRY_NOT_FOUND</b>
</blockquote><h4>SEE ALSO</h4><blockquote><p>
<b><a href="./ripLib.html#top">ripLib</a></b>

<hr>
<a name="ripAuthHook"></a>
<p align=right>
<a href="rtnIndex.htm"><i>OS Libraries :  Routines</i></a></p>

</blockquote><h1>ripAuthHook(&nbsp;)</h1> <blockquote></a></blockquote><h4>NAME</h4><blockquote>  
<p><strong>ripAuthHook(&nbsp;)</strong> - sample authentication hook</p>

</blockquote><h4>SYNOPSIS</h4><blockquote><p>
<pre>STATUS ripAuthHook
    (
    char *    pKey,           /* rip2IfConfAuthKey entry from MIB-II family */
    RIP_PKT * pRip            /* received RIP message */
    )
</pre>

</blockquote><h4>DESCRIPTION</h4><blockquote><p>
This hook demonstrates one possible authentication mechanism. It rejects
all RIP-2 messages that used simple password authentication since they
did not match the key contained in the MIB variable. All other RIP-2
messages are also rejected since no other authentication type is
supported and all RIP-1 messages are also rejected, as recommended by
the RFC specification. This behavior is the same as if no hook were 
installed.
<p>
</blockquote><h4>RETURNS</h4><blockquote><p>
OK, if message is acceptable; or ERROR otherwise.
</blockquote><h4>SEE ALSO</h4><blockquote><p>
<b><a href="./ripLib.html#top">ripLib</a></b>

<hr>
<a name="ripLeakHookAdd"></a>
<p align=right>
<a href="rtnIndex.htm"><i>OS Libraries :  Routines</i></a></p>

</blockquote><h1>ripLeakHookAdd(&nbsp;)</h1> <blockquote></a></blockquote><h4>NAME</h4><blockquote>  
<p><strong>ripLeakHookAdd(&nbsp;)</strong> - add a hook to bypass the RIP and kernel routing tables</p>

</blockquote><h4>SYNOPSIS</h4><blockquote><p>
<pre>STATUS ripLeakHookAdd
    (
    char *  pIpAddr,          /* IP address in dotted decimal notation */
    FUNCPTR pLeakHook         /* function pointer to hook */
    )
</pre>

</blockquote><h4>DESCRIPTION</h4><blockquote><p>
This routine installs a hook routine to support alternative routing
protocols for the registered interface given by <i>pIpAddr</i>. (Interfaces 
created or changed after a RIP session has started may be installed/updated
with the <b><a href="./ripLib.html#ripIfSearch">ripIfSearch</a>(&nbsp;)</b> and <b><a href="./ripLib.html#ripIfReset">ripIfReset</a>(&nbsp;)</b> routines). 
<p>
The hook uses the following interface:
<pre>    STATUS ripLeakHookRtn (long dest, long gateway, long netmask)
</pre>