#ifndef __IPSEC_SPD_POLICY_H__
#define __IPSEC_SPD_POLICY_H__
-#include <vlib/vlib.h>
+#include <vnet/ipsec/ipsec_spd.h>
#define foreach_ipsec_policy_action \
_ (0, BYPASS, "bypass") \
u16 start, stop;
} port_range_t;
+/**
+ * @brief
+ * Policy packet & bytes counters
+ */
+extern vlib_combined_counter_main_t ipsec_spd_policy_counters;
+
/**
* @brief A Secruity Policy. An entry in an SPD
*/
{
u32 id;
i32 priority;
- u8 is_outbound;
+
+ // the type of policy
+ ipsec_spd_policy_type_t type;
// Selector
u8 is_ipv6;
ipsec_policy_action_t policy;
u32 sa_id;
u32 sa_index;
-
- // Counter
- vlib_counter_t counter;
} ipsec_policy_t;
/**
* @brief Add/Delete a SPD
*/
extern int ipsec_add_del_policy (vlib_main_t * vm,
- ipsec_policy_t * policy, int is_add);
+ ipsec_policy_t * policy,
+ int is_add, u32 * stat_index);
+extern u8 *format_ipsec_policy (u8 * s, va_list * args);
extern u8 *format_ipsec_policy_action (u8 * s, va_list * args);
extern uword unformat_ipsec_policy_action (unformat_input_t * input,
va_list * args);
+extern int ipsec_policy_mk_type (bool is_outbound,
+ bool is_ipv6,
+ ipsec_policy_action_t action,
+ ipsec_spd_policy_type_t * type);
+
#endif /* __IPSEC_SPD_POLICY_H__ */
/*