X-Git-Url: https://gerrit.fd.io/r/gitweb?a=blobdiff_plain;f=src%2Fvnet%2Fipsec%2Fipsec_cli.c;h=4e382bdeab5a798359ef8c1a7669891c0b1f9e1c;hb=b7b929931a07fbb27b43d5cd105f366c3e29807e;hp=6a97b7bc8d9ad8fc4862019c16f4fc382a557a7b;hpb=c2fc57e8df45c0ddcd39c8b3d34e1b02e290e5ab;p=vpp.git

diff --git a/src/vnet/ipsec/ipsec_cli.c b/src/vnet/ipsec/ipsec_cli.c
index 6a97b7bc8d9..4e382bdeab5 100644
--- a/src/vnet/ipsec/ipsec_cli.c
+++ b/src/vnet/ipsec/ipsec_cli.c
@@ -79,7 +79,7 @@ ipsec_sa_add_del_command_fn (vlib_main_t * vm,
   u8 *ck = 0, *ik = 0;
   clib_error_t *error = NULL;
 
-  memset (&sa, 0, sizeof (sa));
+  clib_memset (&sa, 0, sizeof (sa));
 
   if (!unformat_user (input, unformat_line_input, line_input))
     return 0;
@@ -148,6 +148,10 @@ ipsec_sa_add_del_command_fn (vlib_main_t * vm,
 	  sa.is_tunnel = 1;
 	  sa.is_tunnel_ip6 = 1;
 	}
+      else if (unformat (line_input, "udp-encap"))
+	{
+	  sa.udp_encap = 1;
+	}
       else
 	{
 	  error = clib_error_return (0, "parse error: '%U'",
@@ -176,7 +180,7 @@ ipsec_sa_add_del_command_fn (vlib_main_t * vm,
 	goto done;
     }
 
-  ipsec_add_del_sa (vm, &sa, is_add, 0 /* enable nat traversal */ );
+  ipsec_add_del_sa (vm, &sa, is_add);
 
 done:
   unformat_free (line_input);
@@ -258,7 +262,7 @@ ipsec_policy_add_del_command_fn (vlib_main_t * vm,
   u32 tmp, tmp2;
   clib_error_t *error = NULL;
 
-  memset (&p, 0, sizeof (p));
+  clib_memset (&p, 0, sizeof (p));
   p.lport.stop = p.rport.stop = ~0;
   p.laddr.stop.ip4.as_u32 = p.raddr.stop.ip4.as_u32 = (u32) ~ 0;
   p.laddr.stop.ip6.as_u64[0] = p.laddr.stop.ip6.as_u64[1] = (u64) ~ 0;
@@ -390,7 +394,7 @@ set_ipsec_sa_key_command_fn (vlib_main_t * vm,
   u8 *ck = 0, *ik = 0;
   clib_error_t *error = NULL;
 
-  memset (&sa, 0, sizeof (sa));
+  clib_memset (&sa, 0, sizeof (sa));
 
   if (!unformat_user (input, unformat_line_input, line_input))
     return 0;
@@ -511,7 +515,7 @@ show_ipsec_command_fn (vlib_main_t * vm,
                         format_ip4_address, &p->laddr.start.ip4,
                         format_ip4_address, &p->laddr.stop.ip4,
                         p->lport.start, p->lport.stop);
-        vlib_cli_output(vm, "   remte addr range %U - %U port range %u - %u",
+        vlib_cli_output(vm, "   remote addr range %U - %U port range %u - %u",
                         format_ip4_address, &p->raddr.start.ip4,
                         format_ip4_address, &p->raddr.stop.ip4,
                         p->rport.start, p->rport.stop);
@@ -566,7 +570,7 @@ show_ipsec_command_fn (vlib_main_t * vm,
                         format_ip4_address, &p->laddr.start.ip4,
                         format_ip4_address, &p->laddr.stop.ip4,
                         p->lport.start, p->lport.stop);
-        vlib_cli_output(vm, "   remte addr range %U - %U port range %u - %u",
+        vlib_cli_output(vm, "   remote addr range %U - %U port range %u - %u",
                         format_ip4_address, &p->raddr.start.ip4,
                         format_ip4_address, &p->raddr.stop.ip4,
                         p->rport.start, p->rport.stop);
@@ -593,7 +597,7 @@ show_ipsec_command_fn (vlib_main_t * vm,
                         format_ip4_address, &p->laddr.start.ip4,
                         format_ip4_address, &p->laddr.stop.ip4,
                         p->lport.start, p->lport.stop);
-        vlib_cli_output(vm, "   remte addr range %U - %U port range %u - %u",
+        vlib_cli_output(vm, "   remote addr range %U - %U port range %u - %u",
                         format_ip4_address, &p->raddr.start.ip4,
                         format_ip4_address, &p->raddr.stop.ip4,
                         p->rport.start, p->rport.stop);
@@ -665,8 +669,8 @@ show_ipsec_command_fn (vlib_main_t * vm,
     hi = vnet_get_hw_interface (im->vnet_main, t->hw_if_index);
     vlib_cli_output(vm, "  %s seq", hi->name);
     sa = pool_elt_at_index(im->sad, t->output_sa_index);
-    vlib_cli_output(vm, "   seq %u seq-hi %u esn %u anti-replay %u",
-                    sa->seq, sa->seq_hi, sa->use_esn, sa->use_anti_replay);
+    vlib_cli_output(vm, "   seq %u seq-hi %u esn %u anti-replay %u udp-encap %u",
+                    sa->seq, sa->seq_hi, sa->use_esn, sa->use_anti_replay, sa->udp_encap);
     vlib_cli_output(vm, "   local-spi %u local-ip %U", sa->spi,
                     format_ip4_address, &sa->tunnel_src_addr.ip4);
     vlib_cli_output(vm, "   local-crypto %U %U",
@@ -742,7 +746,7 @@ create_ipsec_tunnel_command_fn (vlib_main_t * vm,
   u32 num_m_args = 0;
   clib_error_t *error = NULL;
 
-  memset (&a, 0, sizeof (a));
+  clib_memset (&a, 0, sizeof (a));
   a.is_add = 1;
 
   /* Get a line of input. */
@@ -766,6 +770,8 @@ create_ipsec_tunnel_command_fn (vlib_main_t * vm,
 	a.renumber = 1;
       else if (unformat (line_input, "del"))
 	a.is_add = 0;
+      else if (unformat (line_input, "udp-encap"))
+	a.udp_encap = 1;
       else
 	{
 	  error = clib_error_return (0, "unknown input `%U'",
@@ -808,7 +814,7 @@ done:
 /* *INDENT-OFF* */
 VLIB_CLI_COMMAND (create_ipsec_tunnel_command, static) = {
   .path = "create ipsec tunnel",
-  .short_help = "create ipsec tunnel local-ip <addr> local-spi <spi> remote-ip <addr> remote-spi <spi> [instance <inst_num>]",
+  .short_help = "create ipsec tunnel local-ip <addr> local-spi <spi> remote-ip <addr> remote-spi <spi> [instance <inst_num>] [udp-encap]",
   .function = create_ipsec_tunnel_command_fn,
 };
 /* *INDENT-ON* */