2 * Copyright (c) 2015 Cisco and/or its affiliates.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at:
7 * http://www.apache.org/licenses/LICENSE-2.0
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
15 #ifndef __IPSEC_SPD_POLICY_H__
16 #define __IPSEC_SPD_POLICY_H__
18 #include <vlib/vlib.h>
20 #define foreach_ipsec_policy_action \
21 _ (0, BYPASS, "bypass") \
22 _ (1, DISCARD, "discard") \
23 _ (2, RESOLVE, "resolve") \
24 _ (3, PROTECT, "protect")
28 #define _(v, f, s) IPSEC_POLICY_ACTION_##f = v,
29 foreach_ipsec_policy_action
31 } ipsec_policy_action_t;
33 #define IPSEC_POLICY_N_ACTION (IPSEC_POLICY_ACTION_PROTECT + 1)
37 ip46_address_t start, stop;
38 } ip46_address_range_t;
46 * @brief A Secruity Policy. An entry in an SPD
48 typedef struct ipsec_policy_t_
56 ip46_address_range_t laddr;
57 ip46_address_range_t raddr;
63 ipsec_policy_action_t policy;
68 vlib_counter_t counter;
72 * @brief Add/Delete a SPD
74 extern int ipsec_add_del_policy (vlib_main_t * vm,
75 ipsec_policy_t * policy, int is_add);
77 extern u8 *format_ipsec_policy_action (u8 * s, va_list * args);
78 extern uword unformat_ipsec_policy_action (unformat_input_t * input,
82 #endif /* __IPSEC_SPD_POLICY_H__ */
85 * fd.io coding-style-patch-verification: ON
88 * eval: (c-set-style "gnu")