Code Review
/
vpp.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
review
|
tree
raw
|
inline
| side by side
ipsec: User can choose the UDP source port
[vpp.git]
/
src
/
vnet
/
ipsec
/
ipsec_types.api
diff --git
a/src/vnet/ipsec/ipsec_types.api
b/src/vnet/ipsec/ipsec_types.api
index
3015613
..
715f3de
100644
(file)
--- a/
src/vnet/ipsec/ipsec_types.api
+++ b/
src/vnet/ipsec/ipsec_types.api
@@
-71,12
+71,14
@@
enum ipsec_sad_flags
IPSEC_API_SAD_FLAG_IS_TUNNEL_V6 = 0x08,
/* enable UDP encapsulation for NAT traversal */
IPSEC_API_SAD_FLAG_UDP_ENCAP = 0x10,
IPSEC_API_SAD_FLAG_IS_TUNNEL_V6 = 0x08,
/* enable UDP encapsulation for NAT traversal */
IPSEC_API_SAD_FLAG_UDP_ENCAP = 0x10,
+ /* IPsec SA is for inbound traffic */
+ IPSEC_API_SAD_FLAG_IS_INBOUND = 0x40,
};
enum ipsec_proto
{
};
enum ipsec_proto
{
- IPSEC_API_PROTO_ESP,
- IPSEC_API_PROTO_AH,
+ IPSEC_API_PROTO_ESP
= 50
,
+ IPSEC_API_PROTO_AH
= 51
,
};
typedef key
};
typedef key
@@
-102,6
+104,10
@@
typedef key
@param tunnel_dst_address - IPsec tunnel destination address IPv6 if is_tunnel_ipv6 is non-zero, else IPv4. Only valid if is_tunnel is non-zero
@param tx_table_id - the FIB id used for encapsulated packets
@param salt - for use with counter mode ciphers
@param tunnel_dst_address - IPsec tunnel destination address IPv6 if is_tunnel_ipv6 is non-zero, else IPv4. Only valid if is_tunnel is non-zero
@param tx_table_id - the FIB id used for encapsulated packets
@param salt - for use with counter mode ciphers
+ @param udp_src_port - If using UDP Encapsulation, use this source port for
+ TX. It is ignored for RX.
+ @param udp_dst_port - If using UDP Encapsulation, use this destination port
+ for TX. Expect traffic on this port for RX.
*/
typedef ipsec_sad_entry
{
*/
typedef ipsec_sad_entry
{
@@
-123,6
+129,8
@@
typedef ipsec_sad_entry
vl_api_address_t tunnel_dst;
u32 tx_table_id;
u32 salt;
vl_api_address_t tunnel_dst;
u32 tx_table_id;
u32 salt;
+ u16 udp_src_port [default=4500];
+ u16 udp_dst_port [default=4500];
};
/*
};
/*