/*
**************************************************************************
* Copyright (c) 2014-2020, The Linux Foundation. All rights reserved.
* Permission to use, copy, modify, and/or distribute this software for
* any purpose with or without fee is hereby granted, provided that the
* above copyright notice and this permission notice appear in all copies.
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
* OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
**************************************************************************
*/
/**
* nss_capwapmgr.h
* CAPWAP manager for NSS
*/
#ifndef __NSS_CAPWAPMGR_H
#define __NSS_CAPWAPMGR_H
#include <nss_dtlsmgr.h>
/*
 * Maximum number of tunnels currently supported.
 *
 * NOTE(review): every tunnel_id parameter declared in this header is a
 * uint8_t, so ids up to 255 can be passed in while only 32 tunnels are
 * supported; presumably the implementation rejects ids >=
 * NSS_CAPWAPMGR_MAX_TUNNELS before indexing per-tunnel state - confirm.
 */
#define NSS_CAPWAPMGR_MAX_TUNNELS 32

/*
 * Tunnel state bits. These are distinct single-bit values, so they can be
 * OR-ed together (presumably into nss_capwapmgr_tunnel.tunnel_state - confirm).
 */
#define NSS_CAPWAPMGR_TUNNEL_STATE_CONFIGURED 0x1
/**< Bit is set if tunnel has been configured */
#define NSS_CAPWAPMGR_TUNNEL_STATE_ENABLED 0x2
/**< Bit is set if tunnel has been enabled */
#define NSS_CAPWAPMGR_TUNNEL_STATE_IPRULE_CONFIGURED 0x4
/**< Bit is set if tunnel IP rule exists */

/*
 * Tunnel feature flags (distinct single-bit values).
 *
 * NOTE(review): where these flags are stored and checked is not visible in
 * this header. A tunnel without NSS_CAPWAPMGR_FEATURE_DTLS_ENABLED presumably
 * carries CAPWAP traffic without DTLS protection - confirm.
 */
#define NSS_CAPWAPMGR_FEATURE_DTLS_ENABLED 0x00000001 /* Tunnel enabled DTLS. */
#define NSS_CAPWAPMGR_FEATURE_INNER_TRUSTSEC_ENABLED 0x00000002 /* Tunnel enabled inner trustsec. */
#define NSS_CAPWAPMGR_FEATURE_OUTER_TRUSTSEC_ENABLED 0x00000004 /* Tunnel enabled outer trustsec. */
#define NSS_CAPWAPMGR_FEATURE_WIRELESS_QOS_ENABLED 0x00000008 /* Tunnel enabled wireless QoS. */
/*
 * All CAPWAP messages to NSS FW are synchronous: the sender has to wait
 * for an ACK/NACK from NSS FW before proceeding further.
 * An NSS FW response table is kept to wake up the caller of a sync message;
 * this structure holds the state for that wake-up.
 */
struct nss_capwapmgr_response {
	struct semaphore sem;			/* presumably serializes senders that share this entry - confirm */
	wait_queue_head_t wq;			/* presumably the queue the sync caller waits on for the ACK/NACK - confirm */
	enum nss_cmn_response response;		/* NSS common response recorded for the message */
	nss_capwap_msg_response_t error;	/* CAPWAP message error recorded for the message */
	atomic_t seq;				/* NOTE(review): looks like a counter used to pair a response with its request - confirm */
};
/**
 * Mapping table entry from tunnel-id to if_num and rule.
 *
 * Holds the per-tunnel state: the DTLS netdevice, the inner and outer CAPWAP
 * interface numbers, and copies of the IP rule and CAPWAP rule.
 */
struct nss_capwapmgr_tunnel {
	struct net_device *dtls_dev;		/**< DTLS netdevice */
	uint32_t if_num_inner;			/**< Interface number of the INNER CAPWAP node */
	uint32_t if_num_outer;			/**< Interface number of the OUTER CAPWAP node */
	uint32_t tunnel_state;			/**< Tunnel state; presumably a mask of NSS_CAPWAPMGR_TUNNEL_STATE_* bits - confirm */
	uint16_t type_flags;			/**< Tunnel Type to determine header size */
	/*
	 * NOTE(review): no discriminator field is declared next to this union.
	 * Which member is valid presumably follows from how the tunnel was
	 * created (IPv4 vs IPv6) - confirm before reading either member.
	 */
	union {
		struct nss_ipv4_create v4;	/**< IPv4 rule structure */
		struct nss_ipv6_create v6;	/**< IPv6 rule structure */
	} ip_rule;
	struct nss_capwap_rule_msg capwap_rule;	/**< Copy of CAPWAP rule */
};
/**
 * Private structure to store information needed by a nss_capwap net_device
 *
 * NOTE(review): the sizes of the tunnel and if_num_to_tunnel_id tables are
 * not stored in this structure. Code that indexes them presumably has to
 * bound tunnel ids by NSS_CAPWAPMGR_MAX_TUNNELS and if_num by the allocated
 * table length - confirm in the implementation.
 */
struct nss_capwapmgr_priv {
	struct nss_ctx_instance *nss_ctx;	/**< Pointer to NSS context */
	struct nss_capwapmgr_tunnel *tunnel;	/**< Pointer to tunnel data */
	uint8_t *if_num_to_tunnel_id;		/**< Mapping table from if_num to tunnel_id. */
	struct nss_capwapmgr_response *resp;	/**< Response housekeeping */
};
/**
 * CAPWAP status enums
 *
 * Status type returned by most of the nss_capwapmgr_* APIs declared in this
 * header. The first group aliases nss_tx_status_t values; the second group
 * is specific to the CAPWAP manager.
 */
typedef enum {
	/*
	 * nss_tx_status_t enums
	 */
	NSS_CAPWAPMGR_SUCCESS = NSS_TX_SUCCESS,
	NSS_CAPWAPMGR_FAILURE = NSS_TX_FAILURE,
	NSS_CAPWAPMGR_FAILURE_QUEUE = NSS_TX_FAILURE_QUEUE,
	NSS_CAPWAPMGR_FAILURE_NOT_READY = NSS_TX_FAILURE_NOT_READY,
	NSS_CAPWAPMGR_FAILURE_TOO_LARGE = NSS_TX_FAILURE_TOO_LARGE,
	NSS_CAPWAPMGR_FAILURE_TOO_SHORT = NSS_TX_FAILURE_TOO_SHORT,
	NSS_CAPWAPMGR_FAILURE_NOT_SUPPORTED = NSS_TX_FAILURE_NOT_SUPPORTED,
	NSS_CAPWAPMGR_FAILURE_BAD_PARAM = NSS_TX_FAILURE_BAD_PARAM,
	/*
	 * CAPWAP specific ones.
	 * Numbering starts at 100, presumably to stay clear of the
	 * nss_tx_status_t values aliased above - confirm.
	 */
	NSS_CAPWAPMGR_FAILURE_TUNNEL_ENABLED = 100, /**< Tunnel is enabled */
	NSS_CAPWAPMGR_FAILURE_TUNNEL_DISABLED, /**< Tunnel is disabled */
	NSS_CAPWAPMGR_FAILURE_TUNNEL_NOT_CFG, /**< Tunnel is not configured yet */
	NSS_CAPWAPMGR_FAILURE_TUNNEL_EXISTS, /**< Tunnel already exists */
	NSS_CAPWAPMGR_FAILURE_DI_ALLOC_FAILED, /**< Dynamic interface alloc failed */
	NSS_CAPWAPMGR_FAILURE_CAPWAP_RULE, /**< Failed to create CAPWAP rule */
	NSS_CAPWAPMGR_FAILURE_IP_RULE, /**< Failed to create IP rule */
	NSS_CAPWAPMGR_FAILURE_REGISTER_NSS, /**< Failed to register with NSS */
	NSS_CAPWAPMGR_FAILURE_CMD_TIMEOUT, /**< NSS Driver Command timed-out */
	NSS_CAPWAPMGR_FAILURE_INVALID_REASSEMBLY_TIMEOUT,/**< Invalid reasm timeout */
	NSS_CAPWAPMGR_FAILURE_INVALID_PATH_MTU, /**< Invalid path mtu */
	NSS_CAPWAPMGR_FAILURE_INVALID_MAX_FRAGMENT, /**< Invalid max fragment */
	NSS_CAPWAPMGR_FAILURE_INVALID_BUFFER_SIZE, /**< Invalid buffer size */
	NSS_CAPWAPMGR_FAILURE_INVALID_L3_PROTO, /**< Invalid Layer3 protocol */
	NSS_CAPWAPMGR_FAILURE_INVALID_UDP_PROTO, /**< Invalid UDP protocol */
	NSS_CAPWAPMGR_FAILURE_INVALID_VERSION, /**< Invalid capwap version */
	NSS_CAPWAPMGR_FAILURE_IP_DESTROY_RULE, /**< Destroy IP rule failed */
	NSS_CAPWAPMGR_FAILURE_CAPWAP_DESTROY_RULE, /**< Destroy capwap rule failed */
	NSS_CAPWAPMGR_FAILURE_INVALID_IP_NODE, /**< Invalid tunnel IP node */
	NSS_CAPWAPMGR_FAILURE_INVALID_TYPE_FLAG, /**< Invalid type */
	NSS_CAPWAPMGR_FAILURE_INVALID_DTLS_CFG, /**< Invalid DTLS configuration */
	NSS_CAPWAPMGR_FAILURE_CONFIGURE_TRUSTSEC_TX, /**< Failed to configure trustsectx */
	NSS_CAPWAPMGR_FAILURE_UNCONFIGURE_TRUSTSEC_TX, /**< Failed to unconfigure trustsectx */
	NSS_CAPWAPMGR_FAILURE_CONFIGURE_DSCP_MAP, /**< Failed to configure dscp_map */
	NSS_CAPWAPMGR_FAILURE_CREATE_UDF_PROFILE, /**< Failed creating user defined profile */
	NSS_CAPWAPMGR_FAILURE_ACL_RULE_ALREADY_EXIST, /**< ACL rule already exists */
	NSS_CAPWAPMGR_FAILURE_ADD_ACL_RULE, /**< Failed adding ACL rule */
	NSS_CAPWAPMGR_FAILURE_BIND_ACL_LIST, /**< Failed binding ACL list */
	NSS_CAPWAPMGR_FAILURE_ACL_UNAVAILABLE, /**< ACL rule unavailable */
	NSS_CAPWAPMGR_FAILURE_MEM_UNAVAILABLE, /**< Failed to alloc memory */
	NSS_CAPWAPMGR_FAILURE_DSCP_RULE_ID_INVALID, /**< DSCP rule ID invalid */
	NSS_CAPWAPMGR_FAILURE_DSCP_RULE_ID_NOT_IN_USE, /**< DSCP rule not in use */
	NSS_CAPWAPMGR_FAILURE_DSCP_RULE_DELETE_FAILED, /**< DSCP rule delete failed */
} nss_capwapmgr_status_t;
/**
 * @brief Creates a CAPWAP netdevice
 *
 * @return Pointer to a newly created netdevice
 *
 * @note First CAPWAP interface name is capwap0 and so on
 * @note NOTE(review): the failure return is not documented here; presumably
 *       NULL, so callers should check the pointer before use - confirm.
 */
extern struct net_device *nss_capwapmgr_netdev_create(void);
/**
 * @brief Creates an IPv4 CAPWAP tunnel
 *
 * @param dev CAPWAP netdevice
 * @param tunnel_id Tunnel ID
 * @param ip_rule IPv4 rule structure
 * @param capwap_rule CAPWAP rule structure
 * @param in_data DTLS configuration; presumably only consulted when the
 *        tunnel is created with DTLS enabled - confirm whether NULL is
 *        accepted otherwise
 *
 * @return nss_capwapmgr_status_t
 *
 * @note NOTE(review): tunnel_id is a uint8_t while only
 *       NSS_CAPWAPMGR_MAX_TUNNELS (32) tunnels are supported; presumably
 *       out-of-range ids are rejected by the implementation - confirm.
 */
extern nss_capwapmgr_status_t nss_capwapmgr_ipv4_tunnel_create(struct net_device *dev, uint8_t tunnel_id,
		struct nss_ipv4_create *ip_rule, struct nss_capwap_rule_msg *capwap_rule,
		struct nss_dtlsmgr_config *in_data);
/**
 * @brief Creates an IPv6 CAPWAP tunnel
 *
 * @param dev CAPWAP netdevice
 * @param tunnel_id Tunnel ID
 * @param ip_rule IPv6 rule structure
 * @param capwap_rule CAPWAP rule structure
 * @param in_data DTLS configuration; presumably only consulted when the
 *        tunnel is created with DTLS enabled - confirm whether NULL is
 *        accepted otherwise
 *
 * @return nss_capwapmgr_status_t
 *
 * @note NOTE(review): tunnel_id is a uint8_t while only
 *       NSS_CAPWAPMGR_MAX_TUNNELS (32) tunnels are supported; presumably
 *       out-of-range ids are rejected by the implementation - confirm.
 */
extern nss_capwapmgr_status_t nss_capwapmgr_ipv6_tunnel_create(struct net_device *dev, uint8_t tunnel_id,
		struct nss_ipv6_create *ip_rule, struct nss_capwap_rule_msg *capwap_rule,
		struct nss_dtlsmgr_config *in_data);
/**
 * @brief Enable a CAPWAP tunnel
 *
 * @param dev CAPWAP netdevice
 * @param tunnel_id Tunnel ID
 *
 * @return nss_capwapmgr_status_t
 */
extern nss_capwapmgr_status_t nss_capwapmgr_enable_tunnel(struct net_device *dev, uint8_t tunnel_id);
/**
 * @brief Disable a CAPWAP tunnel
 *
 * @param dev CAPWAP netdevice
 * @param tunnel_id Tunnel ID
 *
 * @return nss_capwapmgr_status_t
 */
extern nss_capwapmgr_status_t nss_capwapmgr_disable_tunnel(struct net_device *dev, uint8_t tunnel_id);
/**
 * @brief Updates Path MTU of a CAPWAP tunnel
 *
 * @param dev CAPWAP netdevice
 * @param tunnel_id Tunnel ID
 * @param mtu New Path MTU
 *
 * @return nss_capwapmgr_status_t
 *
 * @note NOTE(review): the accepted MTU range is not stated here; a rejected
 *       value presumably yields NSS_CAPWAPMGR_FAILURE_INVALID_PATH_MTU - confirm.
 */
extern nss_capwapmgr_status_t nss_capwapmgr_update_path_mtu(struct net_device *dev, uint8_t tunnel_id, uint32_t mtu);
/**
 * @brief Updates Destination MAC Address of a CAPWAP tunnel
 *
 * @param dev CAPWAP netdevice
 * @param tunnel_id Tunnel ID
 * @param mac_addr New MAC Address
 *
 * @return nss_capwapmgr_status_t
 *
 * @note NOTE(review): mac_addr is passed without a length. The callee
 *       presumably reads a full Ethernet address (6 bytes) from it, so the
 *       caller's buffer must be at least that large - confirm.
 */
nss_capwapmgr_status_t nss_capwapmgr_update_dest_mac_addr(struct net_device *dev, uint8_t tunnel_id, uint8_t *mac_addr);
/**
 * @brief Updates Source Interface number
 *
 * @param dev CAPWAP netdevice
 * @param tunnel_id Tunnel ID
 * @param src_interface_num Source interface number
 *
 * @return nss_capwapmgr_status_t
 */
extern nss_capwapmgr_status_t nss_capwapmgr_update_src_interface(struct net_device *dev, uint8_t tunnel_id, uint32_t src_interface_num);
/**
 * @brief Delete a DSCP prioritization rule that was created.
 *
 * @param id Rule ID, as returned through the id argument of
 *        nss_capwapmgr_dscp_rule_create()
 *
 * @return nss_capwapmgr_status_t
 *
 * @note NOTE(review): an id that is out of range or not in use presumably
 *       yields NSS_CAPWAPMGR_FAILURE_DSCP_RULE_ID_INVALID or
 *       NSS_CAPWAPMGR_FAILURE_DSCP_RULE_ID_NOT_IN_USE - confirm.
 */
extern nss_capwapmgr_status_t nss_capwapmgr_dscp_rule_destroy(uint8_t id);
/**
 * @brief Prioritize packets with certain dscp value. 0 - lowest priority, 3 - highest priority.
 *
 * @param dscp_value DSCP value
 * @param dscp_mask DSCP mask
 * @param pri Priority[0-3]
 * @param[out] id Returned rule ID
 *
 * @return nss_capwapmgr_status_t
 *
 * @note NOTE(review): pri is a uint8_t but only 0-3 is documented as valid;
 *       presumably larger values are rejected, and id must be non-NULL - confirm.
 */
nss_capwapmgr_status_t nss_capwapmgr_dscp_rule_create(uint8_t dscp_value, uint8_t dscp_mask, uint8_t pri, uint8_t *id);
/**
 * @brief Get the DTLS net_device associated with the CAPWAP tunnel
 *
 * @param dev CAPWAP netdevice
 * @param tunnel_id Tunnel ID
 *
 * @return Pointer to struct net_device
 *
 * @note This API holds a reference on the returned net_device; after use the
 *       caller must call "dev_put" to release the reference. A missing
 *       dev_put leaks the reference.
 * @note NOTE(review): the return value when the tunnel has no DTLS device is
 *       not documented here; presumably NULL - check before use (confirm).
 */
struct net_device *nss_capwapmgr_get_dtls_netdev(struct net_device *dev, uint8_t tunnel_id);
/**
 * @brief Changes version of a CAPWAP tunnel
 *
 * @param dev CAPWAP netdevice
 * @param tunnel_id Tunnel ID
 * @param ver New version
 *
 * @return nss_capwapmgr_status_t
 *
 * @note NOTE(review): the set of accepted versions is not stated here; a
 *       rejected value presumably yields NSS_CAPWAPMGR_FAILURE_INVALID_VERSION
 *       - confirm.
 */
extern nss_capwapmgr_status_t nss_capwapmgr_change_version(struct net_device *dev, uint8_t tunnel_id, uint8_t ver);
/**
 * @brief Configure DTLS settings of a CAPWAP tunnel
 *
 * @param dev CAPWAP netdevice
 * @param tunnel_id Tunnel ID
 * @param enable_dtls Enable or disable (presumably non-zero enables - confirm)
 * @param in_data DTLS configuration
 *
 * @return nss_capwapmgr_status_t
 *
 * @note NOTE(review): with DTLS disabled, the tunnel's CAPWAP traffic is
 *       presumably sent without DTLS protection, so callers should treat a
 *       disable request as a security-relevant configuration change - confirm.
 */
extern nss_capwapmgr_status_t nss_capwapmgr_configure_dtls(struct net_device *dev, uint8_t tunnel_id,
		uint8_t enable_dtls, struct nss_dtlsmgr_config *in_data);
/**
 * @brief RX cipher update for a CAPWAP DTLS tunnel
 *
 * @param dev CAPWAP netdevice
 * @param tunnel_id Tunnel ID
 * @param udata DTLS configuration update
 *
 * @return nss_capwapmgr_status_t
 *
 * @note NOTE(review): presumably this stages the new RX cipher, which
 *       nss_capwapmgr_dtls_rekey_rx_cipher_switch() then makes active -
 *       confirm the required call order in the implementation.
 * @note NOTE(review): if udata carries key material, the caller should clear
 *       its own copy once the call returns - confirm against nss_dtlsmgr.h.
 */
extern nss_capwapmgr_status_t nss_capwapmgr_dtls_rekey_rx_cipher_update(struct net_device *dev, uint8_t tunnel_id,
		struct nss_dtlsmgr_config_update *udata);
/**
 * @brief TX cipher update for a CAPWAP DTLS tunnel
 *
 * @param dev CAPWAP netdevice
 * @param tunnel_id Tunnel ID
 * @param udata DTLS configuration update
 *
 * @return nss_capwapmgr_status_t
 *
 * @note NOTE(review): presumably this stages the new TX cipher, which
 *       nss_capwapmgr_dtls_rekey_tx_cipher_switch() then makes active -
 *       confirm the required call order in the implementation.
 * @note NOTE(review): if udata carries key material, the caller should clear
 *       its own copy once the call returns - confirm against nss_dtlsmgr.h.
 */
extern nss_capwapmgr_status_t nss_capwapmgr_dtls_rekey_tx_cipher_update(struct net_device *dev, uint8_t tunnel_id,
		struct nss_dtlsmgr_config_update *udata);
/**
 * @brief RX cipher switch for a CAPWAP DTLS tunnel
 *
 * @param dev CAPWAP netdevice
 * @param tunnel_id Tunnel ID
 *
 * @return nss_capwapmgr_status_t
 *
 * @note NOTE(review): presumably expects a prior
 *       nss_capwapmgr_dtls_rekey_rx_cipher_update() on the same tunnel;
 *       the behaviour without one is not documented here - confirm.
 */
extern nss_capwapmgr_status_t nss_capwapmgr_dtls_rekey_rx_cipher_switch(struct net_device *dev, uint8_t tunnel_id);
/**
 * @brief TX cipher switch for a CAPWAP DTLS tunnel
 *
 * @param dev CAPWAP netdevice
 * @param tunnel_id Tunnel ID
 *
 * @return nss_capwapmgr_status_t
 *
 * @note NOTE(review): presumably expects a prior
 *       nss_capwapmgr_dtls_rekey_tx_cipher_update() on the same tunnel;
 *       the behaviour without one is not documented here - confirm.
 */
extern nss_capwapmgr_status_t nss_capwapmgr_dtls_rekey_tx_cipher_switch(struct net_device *dev, uint8_t tunnel_id);
/**
 * @brief Destroy a CAPWAP tunnel
 *
 * @param dev CAPWAP netdevice
 * @param tunnel_id Tunnel ID
 *
 * @return nss_capwapmgr_status_t
 *
 * @note CAPWAP tunnel must be disabled before destroy operation.
 * @note NOTE(review): destroying a tunnel that is still enabled presumably
 *       fails with NSS_CAPWAPMGR_FAILURE_TUNNEL_ENABLED - confirm.
 */
extern nss_capwapmgr_status_t nss_capwapmgr_tunnel_destroy(struct net_device *dev, uint8_t tunnel_id);
/**
 * @brief Send a flow rule add message to NSS
 *
 * @param dev CAPWAP netdevice
 * @param tunnel_id Tunnel ID
 * @param ip_version IP version of the flow
 * @param protocol Protocol of the flow
 * @param src_ip Source IP address
 * @param dst_ip Destination IP address
 * @param src_port Source port
 * @param dst_port Destination port
 * @param flow_id Flow ID
 *
 * @return nss_capwapmgr_status_t
 *
 * @note NOTE(review): src_ip and dst_ip are uint32_t pointers passed without
 *       a length. The number of words read presumably depends on ip_version
 *       (one for IPv4, four for IPv6), so the caller must make sure both
 *       buffers match the ip_version it passes - confirm.
 */
extern nss_capwapmgr_status_t nss_capwapmgr_add_flow_rule(struct net_device *dev, uint8_t tunnel_id, uint16_t ip_version,
		uint16_t protocol, uint32_t *src_ip, uint32_t *dst_ip,
		uint16_t src_port, uint16_t dst_port, uint32_t flow_id);
/**
 * @brief Send a flow rule delete message to NSS
 *
 * @param dev CAPWAP netdevice
 * @param tunnel_id Tunnel ID
 * @param ip_version IP version of the flow
 * @param protocol Protocol of the flow
 * @param src_ip Source IP address
 * @param dst_ip Destination IP address
 * @param src_port Source port
 * @param dst_port Destination port
 *
 * @return nss_capwapmgr_status_t
 *
 * @note NOTE(review): src_ip and dst_ip are uint32_t pointers passed without
 *       a length. The number of words read presumably depends on ip_version
 *       (one for IPv4, four for IPv6), so the caller must make sure both
 *       buffers match the ip_version it passes - confirm.
 */
extern nss_capwapmgr_status_t nss_capwapmgr_del_flow_rule(struct net_device *dev, uint8_t tunnel_id, uint16_t ip_version,
		uint16_t protocol, uint32_t *src_ip, uint32_t *dst_ip,
		uint16_t src_port, uint16_t dst_port);
/**
 * @brief Destroy a netdevice
 *
 * @param netdev CAPWAP netdevice to destroy
 *
 * @return nss_capwapmgr_status_t
 *
 * @note CAPWAP tunnel must be destroyed first.
 * @note NOTE(review): the behaviour when tunnels still exist on netdev is
 *       not documented here; presumably the call fails rather than freeing
 *       state that is still in use - confirm.
 */
extern nss_capwapmgr_status_t nss_capwapmgr_netdev_destroy(struct net_device *netdev);
/**
 * @brief Gets CAPWAP tunnel stats
 *
 * @param dev CAPWAP netdevice
 * @param tunnel_id Tunnel ID
 * @param stats Pointer to struct nss_capwap_tunnel_stats; presumably the
 *        destination the stats are written to, so it must point to valid
 *        storage - confirm
 *
 * @return nss_capwapmgr_status_t
 */
extern nss_capwapmgr_status_t nss_capwapmgr_tunnel_stats(struct net_device *dev, uint8_t tunnel_id,
		struct nss_capwap_tunnel_stats *stats);
#if defined(NSS_CAPWAPMGR_ONE_NETDEV)
/**
 * @brief Returns netdevice used by NSS CAPWAP manager
 *
 * Only declared when NSS_CAPWAPMGR_ONE_NETDEV is defined.
 *
 * @return Pointer to struct net_device
 *
 * @note NOTE(review): whether this takes a reference on the returned
 *       net_device is not documented here - confirm before holding the
 *       pointer across a netdevice destroy.
 */
extern struct net_device *nss_capwapmgr_get_netdev(void);
#endif /* NSS_CAPWAPMGR_ONE_NETDEV */
#endif /* __NSS_CAPWAPMGR_H */