#include <vnet/ipsec/ipsec_sa.h>
-typedef enum
-{
- IPSEC_IF_SET_KEY_TYPE_NONE,
- IPSEC_IF_SET_KEY_TYPE_LOCAL_CRYPTO,
- IPSEC_IF_SET_KEY_TYPE_REMOTE_CRYPTO,
- IPSEC_IF_SET_KEY_TYPE_LOCAL_INTEG,
- IPSEC_IF_SET_KEY_TYPE_REMOTE_INTEG,
-} ipsec_if_set_key_type_t;
-
typedef struct
{
/* Required for pool_get_aligned */
typedef struct
{
u8 is_add;
+ u8 is_ip6;
u8 esn;
u8 anti_replay;
ip46_address_t local_ip, remote_ip;
u32 show_instance;
u8 udp_encap;
u32 tx_table_id;
+ u32 salt;
} ipsec_add_del_tunnel_args_t;
-typedef struct
-{
- u8 is_add;
- u32 local_sa_id;
- u32 remote_sa_id;
- ip4_address_t local_ip;
- ip4_address_t remote_ip;
-} ipsec_add_del_ipsec_gre_tunnel_args_t;
+/* *INDENT-OFF* */
+typedef CLIB_PACKED
+(struct {
+ /*
+ * Key fields: remote ip and spi on incoming packet
+ * all fields in NET byte order
+ */
+ union {
+ struct {
+ ip4_address_t remote_ip;
+ u32 spi;
+ };
+ u64 as_u64;
+ };
+}) ipsec4_tunnel_key_t;
+/* *INDENT-ON* */
+
+/* *INDENT-OFF* */
+typedef CLIB_PACKED
+(struct {
+ /*
+ * Key fields: remote ip and spi on incoming packet
+ * all fields in NET byte order
+ */
+ ip6_address_t remote_ip;
+ u32 spi;
+}) ipsec6_tunnel_key_t;
+/* *INDENT-ON* */
+
+extern u8 *format_ipsec4_tunnel_key (u8 * s, va_list * args);
+extern u8 *format_ipsec6_tunnel_key (u8 * s, va_list * args);
extern int ipsec_add_del_tunnel_if_internal (vnet_main_t * vnm,
ipsec_add_del_tunnel_args_t *
args, u32 * sw_if_index);
extern int ipsec_add_del_tunnel_if (ipsec_add_del_tunnel_args_t * args);
-extern int ipsec_add_del_ipsec_gre_tunnel (vnet_main_t * vnm,
- ipsec_add_del_ipsec_gre_tunnel_args_t
- * args);
-extern int ipsec_set_interface_key (vnet_main_t * vnm, u32 hw_if_index,
- ipsec_if_set_key_type_t type,
- u8 alg, u8 * key);
extern int ipsec_set_interface_sa (vnet_main_t * vnm, u32 hw_if_index,
u32 sa_id, u8 is_outbound);
+extern u8 *format_ipsec_tunnel (u8 * s, va_list * args);
+
#endif /* __IPSEC_IF_H__ */
/*