FD.io VPP
v19.04.1-1-ge4a0f9f
Vector Packet Processing
Main Page
Related Pages
Modules
Namespaces
Data Structures
Source
Files
Symbols
ipsec_spd_policy.h
Go to the documentation of this file.
1
/*
2
* Copyright (c) 2015 Cisco and/or its affiliates.
3
* Licensed under the Apache License, Version 2.0 (the "License");
4
* you may not use this file except in compliance with the License.
5
* You may obtain a copy of the License at:
6
*
7
* http://www.apache.org/licenses/LICENSE-2.0
8
*
9
* Unless required by applicable law or agreed to in writing, software
10
* distributed under the License is distributed on an "AS IS" BASIS,
11
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12
* See the License for the specific language governing permissions and
13
* limitations under the License.
14
*/
15
#ifndef __IPSEC_SPD_POLICY_H__
16
#define __IPSEC_SPD_POLICY_H__
17
18
#include <
vnet/ipsec/ipsec_spd.h
>
19
20
#define foreach_ipsec_policy_action \
21
_ (0, BYPASS, "bypass") \
22
_ (1, DISCARD, "discard") \
23
_ (2, RESOLVE, "resolve") \
24
_ (3, PROTECT, "protect")
25
26
typedef
enum
27
{
28
#define _(v, f, s) IPSEC_POLICY_ACTION_##f = v,
29
foreach_ipsec_policy_action
30
#undef _
31
}
ipsec_policy_action_t
;
32
33
#define IPSEC_POLICY_N_ACTION (IPSEC_POLICY_ACTION_PROTECT + 1)
34
35
typedef
struct
36
{
37
ip46_address_t start,
stop
;
38
}
ip46_address_range_t
;
39
40
typedef
struct
41
{
42
/* Ports stored in network byte order */
43
u16
start,
stop
;
44
}
port_range_t
;
45
46
/**
47
* @brief
48
* Policy packet & bytes counters
49
*/
50
extern
vlib_combined_counter_main_t
ipsec_spd_policy_counters
;
51
52
/**
53
* @brief A Secruity Policy. An entry in an SPD
54
*/
55
typedef
struct
ipsec_policy_t_
56
{
57
u32
id
;
58
i32
priority
;
59
60
// the type of policy
61
ipsec_spd_policy_type_t
type
;
62
63
// Selector
64
u8
is_ipv6
;
65
ip46_address_range_t
laddr
;
66
ip46_address_range_t
raddr
;
67
u8
protocol
;
68
port_range_t
lport
;
69
port_range_t
rport
;
70
71
// Policy
72
ipsec_policy_action_t
policy
;
73
u32
sa_id
;
74
u32
sa_index
;
75
}
ipsec_policy_t
;
76
77
/**
78
* @brief Add/Delete a SPD
79
*/
80
extern
int
ipsec_add_del_policy
(
vlib_main_t
*
vm
,
81
ipsec_policy_t
*
policy
,
82
int
is_add
,
u32
* stat_index);
83
84
extern
u8
*
format_ipsec_policy
(
u8
* s, va_list * args);
85
extern
u8
*
format_ipsec_policy_action
(
u8
* s, va_list * args);
86
extern
uword
unformat_ipsec_policy_action
(
unformat_input_t
* input,
87
va_list * args);
88
89
90
extern
int
ipsec_policy_mk_type
(
bool
is_outbound
,
91
bool
is_ipv6
,
92
ipsec_policy_action_t
action,
93
ipsec_spd_policy_type_t
*
type
);
94
95
#endif
/* __IPSEC_SPD_POLICY_H__ */
96
97
/*
98
* fd.io coding-style-patch-verification: ON
99
*
100
* Local Variables:
101
* eval: (c-set-style "gnu")
102
* End:
103
*/
ip46_address_range_t::stop
ip46_address_t stop
Definition:
ipsec_spd_policy.h:37
port_range_t::stop
u16 stop
Definition:
ipsec_spd_policy.h:43
ipsec_policy_t_::sa_id
u32 sa_id
Definition:
ipsec_spd_policy.h:73
ipsec_spd_policy_type_t
enum ipsec_spd_policy_t_ ipsec_spd_policy_type_t
ipsec_policy_t_::laddr
ip46_address_range_t laddr
Definition:
ipsec_spd_policy.h:65
ipsec_policy_t_::id
u32 id
Definition:
ipsec_spd_policy.h:57
format_ipsec_policy
u8 * format_ipsec_policy(u8 *s, va_list *args)
Definition:
ipsec_format.c:155
u8
unsigned char u8
Definition:
types.h:56
ipsec_policy_t_::protocol
u8 protocol
Definition:
ipsec_spd_policy.h:67
port_range_t
Definition:
ipsec_spd_policy.h:40
ipsec_policy_t_::rport
port_range_t rport
Definition:
ipsec_spd_policy.h:69
u32
unsigned int u32
Definition:
types.h:88
ipsec_spd_policy_counters
vlib_combined_counter_main_t ipsec_spd_policy_counters
Policy packet & bytes counters.
Definition:
ipsec_spd_policy.c:22
unformat_input_t
struct _unformat_input_t unformat_input_t
u16
unsigned short u16
Definition:
types.h:57
ipsec_policy_t_::type
ipsec_spd_policy_type_t type
Definition:
ipsec_spd_policy.h:61
format_ipsec_policy_action
u8 * format_ipsec_policy_action(u8 *s, va_list *args)
Definition:
ipsec_format.c:27
ipsec_policy_action_t
ipsec_policy_action_t
Definition:
ipsec_spd_policy.h:26
ipsec_policy_mk_type
int ipsec_policy_mk_type(bool is_outbound, bool is_ipv6, ipsec_policy_action_t action, ipsec_spd_policy_type_t *type)
Definition:
ipsec_spd_policy.c:100
ipsec_spd.h
vm
vlib_main_t * vm
Definition:
buffer.c:312
ipsec_policy_t_::priority
i32 priority
Definition:
ipsec_spd_policy.h:58
ipsec_policy_t_::policy
ipsec_policy_action_t policy
Definition:
ipsec_spd_policy.h:72
is_outbound
u8 is_outbound
Definition:
ipsec.api:92
ipsec_policy_t_
A Secruity Policy.
Definition:
ipsec_spd_policy.h:55
ipsec_policy_t_::sa_index
u32 sa_index
Definition:
ipsec_spd_policy.h:74
foreach_ipsec_policy_action
#define foreach_ipsec_policy_action
Definition:
ipsec_spd_policy.h:20
i32
signed int i32
Definition:
types.h:77
ipsec_add_del_policy
int ipsec_add_del_policy(vlib_main_t *vm, ipsec_policy_t *policy, int is_add, u32 *stat_index)
Add/Delete a SPD.
Definition:
ipsec_spd_policy.c:136
is_add
u8 is_add
Definition:
ipsec_gre.api:36
ipsec_policy_t
struct ipsec_policy_t_ ipsec_policy_t
A Secruity Policy.
ipsec_policy_t_::raddr
ip46_address_range_t raddr
Definition:
ipsec_spd_policy.h:66
ip46_address_range_t
Definition:
ipsec_spd_policy.h:35
vlib_main_t
Definition:
main.h:68
uword
u64 uword
Definition:
types.h:112
vlib_combined_counter_main_t
A collection of combined counters.
Definition:
counter.h:188
unformat_ipsec_policy_action
uword unformat_ipsec_policy_action(unformat_input_t *input, va_list *args)
Definition:
ipsec_format.c:63
ipsec_policy_t_::lport
port_range_t lport
Definition:
ipsec_spd_policy.h:68
ipsec_policy_t_::is_ipv6
u8 is_ipv6
Definition:
ipsec_spd_policy.h:64
src
vnet
ipsec
ipsec_spd_policy.h
Generated on Mon Jun 3 2019 18:47:34 for FD.io VPP by
1.8.11