vec_free (delete);
sa->initial_contact = 0;
-
- km->log_level = IKEV2_LOG_ERROR;
- km->log_class = vlib_log_register_class ("ikev2", 0);
}
static void
sa->childs[0].r_proposals =
ikev2_select_proposal (sa->childs[0].i_proposals,
IKEV2_PROTOCOL_ESP);
+
+ if (~0 != sel_p->tun_itf)
+ {
+ sa->is_tun_itf_set = 1;
+ sa->tun_itf = sel_p->tun_itf;
+ }
}
}
else
hash_set1 (km->sw_if_indices, sw_if_index);
}
else
- sw_if_index = a->sw_if_index;
+ {
+ sw_if_index = a->sw_if_index;
+ vnet_sw_interface_admin_up (vnet_get_main (), sw_if_index);
+ }
if (rv)
{
u32 *sas_in = NULL;
vec_add1 (sas_in, a->remote_sa_id);
- rv |= ipsec_tun_protect_update (sw_if_index, a->local_sa_id, sas_in);
+ rv |= ipsec_tun_protect_update (sw_if_index, NULL, a->local_sa_id, sas_in);
}
static int
sw_if_index = ~0;
}
else
- sw_if_index = a->sw_if_index;
+ {
+ sw_if_index = a->sw_if_index;
+ vnet_sw_interface_admin_down (vnet_get_main (), sw_if_index);
+ }
if (~0 != sw_if_index)
- ipsec_tun_protect_del (sw_if_index);
+ ipsec_tun_protect_del (sw_if_index, NULL);
ipsec_sa_unlock_id (a->remote_sa_id);
ipsec_sa_unlock_id (a->local_sa_id);
clib_memset (p, 0, sizeof (*p));
p->name = vec_dup (name);
p->responder.sw_if_index = ~0;
+ p->tun_itf = ~0;
uword index = p - km->profiles;
mhash_set_mem (&km->profile_index_by_name, name, &index, 0);
}
ikev2_cli_reference ();
+ km->log_level = IKEV2_LOG_ERROR;
+ km->log_class = vlib_log_register_class ("ikev2", 0);
return 0;
}
Code Review / vpp.git / blobdiff