Netsvc Platform Remote Authentication Box Lv Zheng
Appliance Topology Home Internet Intranet Smart Card RA-BOX br0 eth0 WorkPC vlan1 ppp0 Internet ISP VPN-Tunnel VPN eth1 ppp1 VPN - Session vlan2 eth2 HomePC eth3 NAT Half Bridge Ether Soliton Secret
Execution Flow Implemented by timeouts (tout = 0) Software timeouts queue (not hw) Events Timeouts Timeout = 0 Descriptors select Signal
Object Interfaces
• Object API naming rules
• Two objects:
  • Parent: higher layered protocol entity
  • Child: lower layered protocol entity
• Four cases:
  • Parent’s state machine is started first
  • Child’s state machine is started first
  • Parent’s state machine is stopped first
  • Child’s state machine is stopped first
• Notify: notify higher entity state changes to lower listeners
Notify Chain
State Machines DFA State machine NFA State machine PPP NEGO L2TP CCE PPP Phase L2TP LAOC L2TP LAIC EAP Peer EAP Authenticator L2TP LNOC L2TP LNIC STM_STEP STM_ENTER STM_STATE stm_entry stm_event STM_STEP_RUN STM_STATE stm_table stm_instance STM_STATE
Module Overview PKCS15 PPPoE L2TP PCSC 802.1D 802.1Q PPP IPCP DHCP CCID IPSEC NET LINK NET LINK INET ADDR USB RTC MTD XFRM RTNL ROUTE RTNL ROUTE UDEV KOBJECT_UEVENT NETLINK Linux User Space Linux Kernel Space
Module PPP pppoe_session l2tp_session LCP CHAP PAP EAP IPCP PPPoE L2TP Link Auth Network ppp_channel ppp_protocol ppp_phase channel unit net_device in4_ifaddr /dev/ppp NETLINK (LINK) NETLINK (ADDR)
Object PPP ppp_service ppp_profile ppp_phase ppp_channel net_device in4_ifaddr l2tp_profile l2tp_session pppoe_session pppoe_profile l2tp_tunnel l2tp_service pppoe_service net_service inet_service
Module IPSec main quick agg newgrp info base ident agg IKE ISAKMP ISAKMPDOI IPDOI XCHG DOI ISAKMP XFRM
Module UI l2tp ppp … ui_command ui_syntax ui_schema ui_argument choice range ui_parser ui_table ui_view ui_entry ui_session ui_service cli cgi …
Module PCSC PKCS15 PKCS11 Crypto Other SP PCSC pkcs_icc pkcs_ifd WatchData ISO7816 Muscle CCID Other IFD USB
Object PCSC pkcs15 pkcs11 pcsc_icc pcsc_handle pcsc_ifd smartcard ccid_reader 7816 muscle wd usb_device
Module NAC nic_t (frontend) nac_client nic_t (backend) AVPs AVPs dict
Module Bridge
Object Bridge