2 * Copyright (c) 2015 Cisco and/or its affiliates.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at:
7 * http://www.apache.org/licenses/LICENSE-2.0
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
15 #ifndef __IPSEC_SPD_POLICY_H__
16 #define __IPSEC_SPD_POLICY_H__
18 #include <vnet/ipsec/ipsec_spd.h>
20 #define foreach_ipsec_policy_action \
21 _ (0, BYPASS, "bypass") \
22 _ (1, DISCARD, "discard") \
23 _ (2, RESOLVE, "resolve") \
24 _ (3, PROTECT, "protect")
28 #define _(v, f, s) IPSEC_POLICY_ACTION_##f = v,
29 foreach_ipsec_policy_action
31 } ipsec_policy_action_t;
33 #define IPSEC_POLICY_N_ACTION (IPSEC_POLICY_ACTION_PROTECT + 1)
37 ip46_address_t start, stop;
38 } ip46_address_range_t;
47 * Policy packet & bytes counters
49 extern vlib_combined_counter_main_t ipsec_spd_policy_counters;
52 * @brief A Secruity Policy. An entry in an SPD
54 typedef struct ipsec_policy_t_
60 ipsec_spd_policy_type_t type;
64 ip46_address_range_t laddr;
65 ip46_address_range_t raddr;
71 ipsec_policy_action_t policy;
77 * @brief Add/Delete a SPD
79 extern int ipsec_add_del_policy (vlib_main_t * vm,
80 ipsec_policy_t * policy,
81 int is_add, u32 * stat_index);
83 extern u8 *format_ipsec_policy (u8 * s, va_list * args);
84 extern u8 *format_ipsec_policy_action (u8 * s, va_list * args);
85 extern uword unformat_ipsec_policy_action (unformat_input_t * input,
89 extern int ipsec_policy_mk_type (bool is_outbound,
91 ipsec_policy_action_t action,
92 ipsec_spd_policy_type_t * type);
94 #endif /* __IPSEC_SPD_POLICY_H__ */
97 * fd.io coding-style-patch-verification: ON
100 * eval: (c-set-style "gnu")