- self.vapi.ipsec_sad_add_del_entry(scapy_tra_sa_id, scapy_tra_spi,
- auth_algo_vpp_id, auth_key,
- crypt_algo_vpp_id, crypt_key,
- self.vpp_ah_protocol, is_tunnel=0,
- is_tunnel_ipv6=0,
- use_anti_replay=1)
- self.vapi.ipsec_sad_add_del_entry(vpp_tra_sa_id, vpp_tra_spi,
- auth_algo_vpp_id, auth_key,
- crypt_algo_vpp_id, crypt_key,
- self.vpp_ah_protocol, is_tunnel=0,
- is_tunnel_ipv6=0,
- use_anti_replay=1)
- l_startaddr = r_startaddr = socket.inet_pton(addr_type, addr_any)
- l_stopaddr = r_stopaddr = socket.inet_pton(addr_type, addr_bcast)
- self.vapi.ipsec_spd_add_del_entry(self.tra_spd_id, vpp_tra_sa_id,
- l_startaddr, l_stopaddr, r_startaddr,
- r_stopaddr, is_ipv6=is_ipv6,
- protocol=socket.IPPROTO_AH)
- self.vapi.ipsec_spd_add_del_entry(self.tra_spd_id, scapy_tra_sa_id,
- l_startaddr, l_stopaddr, r_startaddr,
- r_stopaddr, is_outbound=0,
- is_ipv6=is_ipv6,
- protocol=socket.IPPROTO_AH)
- l_startaddr = l_stopaddr = self.tra_if.local_addr_n[addr_type]
- r_startaddr = r_stopaddr = self.tra_if.remote_addr_n[addr_type]
- self.vapi.ipsec_spd_add_del_entry(self.tra_spd_id, vpp_tra_sa_id,
- l_startaddr, l_stopaddr, r_startaddr,
- r_stopaddr, priority=10, policy=3,
- is_outbound=0, is_ipv6=is_ipv6)
- self.vapi.ipsec_spd_add_del_entry(self.tra_spd_id, scapy_tra_sa_id,
- l_startaddr, l_stopaddr, r_startaddr,
- r_stopaddr, priority=10,
- policy=3, is_ipv6=is_ipv6)
-
- def unconfig_ah_tra(self, params):
- addr_type = params.addr_type
- is_ipv6 = params.is_ipv6
- scapy_tra_sa_id = params.scapy_tra_sa_id
- scapy_tra_spi = params.scapy_tra_spi
- vpp_tra_sa_id = params.vpp_tra_sa_id
- vpp_tra_spi = params.vpp_tra_spi
- auth_algo_vpp_id = params.auth_algo_vpp_id
- auth_key = params.auth_key
- crypt_algo_vpp_id = params.crypt_algo_vpp_id
- crypt_key = params.crypt_key
- addr_any = params.addr_any
- addr_bcast = params.addr_bcast
- l_startaddr = r_startaddr = socket.inet_pton(addr_type, addr_any)
- l_stopaddr = r_stopaddr = socket.inet_pton(addr_type, addr_bcast)
- self.vapi.ipsec_spd_add_del_entry(self.tra_spd_id, vpp_tra_sa_id,
- l_startaddr, l_stopaddr, r_startaddr,
- r_stopaddr, is_ipv6=is_ipv6,
- protocol=socket.IPPROTO_AH,
- is_add=0)
- self.vapi.ipsec_spd_add_del_entry(self.tra_spd_id, scapy_tra_sa_id,
- l_startaddr, l_stopaddr, r_startaddr,
- r_stopaddr, is_outbound=0,
- is_ipv6=is_ipv6,
- protocol=socket.IPPROTO_AH,
- is_add=0)
- l_startaddr = l_stopaddr = self.tra_if.local_addr_n[addr_type]
- r_startaddr = r_stopaddr = self.tra_if.remote_addr_n[addr_type]
- self.vapi.ipsec_spd_add_del_entry(self.tra_spd_id, vpp_tra_sa_id,
- l_startaddr, l_stopaddr, r_startaddr,
- r_stopaddr, priority=10, policy=3,
- is_outbound=0, is_ipv6=is_ipv6,
- is_add=0)
- self.vapi.ipsec_spd_add_del_entry(self.tra_spd_id, scapy_tra_sa_id,
- l_startaddr, l_stopaddr, r_startaddr,
- r_stopaddr, priority=10,
- policy=3, is_ipv6=is_ipv6,
- is_add=0)
- self.vapi.ipsec_sad_add_del_entry(scapy_tra_sa_id, scapy_tra_spi,
- auth_algo_vpp_id, auth_key,
- crypt_algo_vpp_id, crypt_key,
- self.vpp_ah_protocol, is_tunnel=0,
- is_tunnel_ipv6=0,
- use_anti_replay=1,
- is_add=0)
- self.vapi.ipsec_sad_add_del_entry(vpp_tra_sa_id, vpp_tra_spi,
- auth_algo_vpp_id, auth_key,
- crypt_algo_vpp_id, crypt_key,
- self.vpp_ah_protocol, is_tunnel=0,
- is_tunnel_ipv6=0,
- use_anti_replay=1,
- is_add=0)