- self.vapi.ipsec_sad_add_del_entry(scapy_tun_sa_id, scapy_tun_spi,
- auth_algo_vpp_id, auth_key,
- crypt_algo_vpp_id, crypt_key,
- self.vpp_esp_protocol,
- self.pg1.remote_addr_n[addr_type],
- self.tun_if.remote_addr_n[addr_type],
- udp_encap=1)
- self.vapi.ipsec_sad_add_del_entry(vpp_tun_sa_id, vpp_tun_spi,
- auth_algo_vpp_id, auth_key,
- crypt_algo_vpp_id, crypt_key,
- self.vpp_esp_protocol,
- self.tun_if.remote_addr_n[addr_type],
- self.pg1.remote_addr_n[addr_type],
- udp_encap=1)
- l_startaddr = r_startaddr = socket.inet_pton(addr_type, addr_any)
- l_stopaddr = r_stopaddr = socket.inet_pton(addr_type, addr_bcast)
- self.vapi.ipsec_spd_add_del_entry(self.tun_spd_id, scapy_tun_sa_id,
- l_startaddr, l_stopaddr, r_startaddr,
- r_stopaddr,
- protocol=socket.IPPROTO_ESP)
- self.vapi.ipsec_spd_add_del_entry(self.tun_spd_id, scapy_tun_sa_id,
- l_startaddr, l_stopaddr, r_startaddr,
- r_stopaddr, is_outbound=0,
- protocol=socket.IPPROTO_ESP)
- self.vapi.ipsec_spd_add_del_entry(self.tun_spd_id, scapy_tun_sa_id,
- l_startaddr, l_stopaddr, r_startaddr,
- r_stopaddr, remote_port_start=4500,
- remote_port_stop=4500,
- protocol=socket.IPPROTO_UDP)
- self.vapi.ipsec_spd_add_del_entry(self.tun_spd_id, scapy_tun_sa_id,
- l_startaddr, l_stopaddr, r_startaddr,
- r_stopaddr, remote_port_start=4500,
- remote_port_stop=4500,
- protocol=socket.IPPROTO_UDP,
- is_outbound=0)
- l_startaddr = l_stopaddr = self.tun_if.remote_addr_n[addr_type]
- r_startaddr = r_stopaddr = self.pg1.remote_addr_n[addr_type]
- self.vapi.ipsec_spd_add_del_entry(self.tun_spd_id, vpp_tun_sa_id,
- l_startaddr, l_stopaddr, r_startaddr,
- r_stopaddr, priority=10, policy=3,
- is_outbound=0)
- self.vapi.ipsec_spd_add_del_entry(self.tun_spd_id, scapy_tun_sa_id,
- r_startaddr, r_stopaddr, l_startaddr,
- l_stopaddr, priority=10, policy=3)
+ flags = (VppEnum.vl_api_ipsec_sad_flags_t.
+ IPSEC_API_SAD_FLAG_UDP_ENCAP)
+ e = VppEnum.vl_api_ipsec_spd_action_t
+
+ VppIpsecSA(self, scapy_tun_sa_id, scapy_tun_spi,
+ auth_algo_vpp_id, auth_key,
+ crypt_algo_vpp_id, crypt_key,
+ self.vpp_esp_protocol,
+ self.pg1.remote_addr[addr_type],
+ self.tun_if.remote_addr[addr_type],
+ flags=flags).add_vpp_config()
+ VppIpsecSA(self, vpp_tun_sa_id, vpp_tun_spi,
+ auth_algo_vpp_id, auth_key,
+ crypt_algo_vpp_id, crypt_key,
+ self.vpp_esp_protocol,
+ self.tun_if.remote_addr[addr_type],
+ self.pg1.remote_addr[addr_type],
+ flags=flags).add_vpp_config()
+
+ VppIpsecSpdEntry(self, self.tun_spd, scapy_tun_sa_id,
+ addr_any, addr_bcast,
+ addr_any, addr_bcast,
+ socket.IPPROTO_ESP).add_vpp_config()
+ VppIpsecSpdEntry(self, self.tun_spd, scapy_tun_sa_id,
+ addr_any, addr_bcast,
+ addr_any, addr_bcast,
+ socket.IPPROTO_ESP,
+ is_outbound=0).add_vpp_config()
+ VppIpsecSpdEntry(self, self.tun_spd, scapy_tun_sa_id,
+ addr_any, addr_bcast,
+ addr_any, addr_bcast,
+ socket.IPPROTO_UDP,
+ remote_port_start=4500,
+ remote_port_stop=4500).add_vpp_config()
+ VppIpsecSpdEntry(self, self.tun_spd, scapy_tun_sa_id,
+ addr_any, addr_bcast,
+ addr_any, addr_bcast,
+ socket.IPPROTO_UDP,
+ remote_port_start=4500,
+ remote_port_stop=4500,
+ is_outbound=0).add_vpp_config()
+ VppIpsecSpdEntry(self, self.tun_spd, vpp_tun_sa_id,
+ self.tun_if.remote_addr[addr_type],
+ self.tun_if.remote_addr[addr_type],
+ self.pg1.remote_addr[addr_type],
+ self.pg1.remote_addr[addr_type],
+ 0, priority=10,
+ policy=e.IPSEC_API_SPD_ACTION_PROTECT,
+ is_outbound=0).add_vpp_config()
+ VppIpsecSpdEntry(self, self.tun_spd, scapy_tun_sa_id,
+ self.pg1.remote_addr[addr_type],
+ self.pg1.remote_addr[addr_type],
+ self.tun_if.remote_addr[addr_type],
+ self.tun_if.remote_addr[addr_type],
+ 0, policy=e.IPSEC_API_SPD_ACTION_PROTECT,
+ priority=10).add_vpp_config()
Code Review / vpp.git / blobdiff