ikev2: support responder hostname

[vpp.git] / src / plugins / ikev2 / ikev2.api

diff --git a/src/plugins/ikev2/ikev2.api b/src/plugins/ikev2/ikev2.api
index 1e1dbf9..ff9ed72 100644 (file)
--- a/src/plugins/ikev2/ikev2.api
+++ b/src/plugins/ikev2/ikev2.api
@@ -251,6 +251,20 @@ autoreply define ikev2_profile_set_id
   option status="in_progress";
 };
 
+/** \brief IKEv2: Disable NAT traversal
+    @param client_index - opaque cookie to identify the sender
+    @param context - sender context, to match reply w/ request
+    @param name - IKEv2 profile name
+*/
+autoreply define ikev2_profile_disable_natt
+{
+  u32 client_index;
+  u32 context;
+
+  string name[64];
+  option status="in_progress";
+};
+
 /** \brief IKEv2: Set IKEv2 profile traffic selector parameters
     @param client_index - opaque cookie to identify the sender
     @param context - sender context, to match reply w/ request
@@ -264,7 +278,7 @@ autoreply define ikev2_profile_set_ts
 
   string name[64];
   vl_api_ikev2_ts_t ts;
-  option vat_help = "name <profile_name> protocol <proto> start_port <port> end_port <port> start_addr <ip4> end_addr <ip4> (local|remote)";
+  option vat_help = "name <profile_name> protocol <proto> start_port <port> end_port <port> start_addr <ip> end_addr <ip> (local|remote)";
   option status="in_progress";
 };
 
@@ -317,6 +331,17 @@ autoreply define ikev2_set_responder
   option status="in_progress";
 };
 
+autoreply define ikev2_set_responder_hostname
+{
+  u32 client_index;
+  u32 context;
+
+  string name[64];
+  string hostname[64];
+  vl_api_interface_index_t sw_if_index;
+  option status="in_progress";
+};
+
 /** \brief IKEv2: Set IKEv2 IKE transforms in SA_INIT proposal (RFC 7296)
     @param client_index - opaque cookie to identify the sender
     @param context - sender context, to match reply w/ request
@@ -482,6 +507,92 @@ autoreply define ikev2_profile_set_liveness
   option status="in_progress";
 };
 
+counters ikev2 {
+  processed {
+    severity info;
+    type counter64;
+    units "packets";
+    description "packets processed";
+  };
+  ike_sa_init_retransmit {
+    severity info;
+    type counter64;
+    units "packets";
+    description "IKE SA INIT retransmit";
+  };
+  ike_sa_init_ignore {
+    severity error;
+    type counter64;
+    units "packets";
+    description "IKE_SA_INIT ignore (IKE SA already auth)";
+  };
+  ike_req_retransmit {
+    severity error;
+    type counter64;
+    units "packets";
+    description "IKE request retransmit";
+  };
+  ike_req_ignore {
+    severity error;
+    type counter64;
+    units "packets";
+    description "IKE request ignore (old msgid)";
+  };
+  not_ikev2 {
+    severity error;
+    type counter64;
+    units "packets";
+    description "Non IKEv2 packets received";
+  };
+  bad_length {
+    severity error;
+    type counter64;
+    units "packets";
+    description "Bad packet length";
+  };
+  malformed_packet {
+    severity error;
+    type counter64;
+    units "packets";
+    description "Malformed packet";
+  };
+  no_buff_space {
+    severity error;
+    type counter64;
+    units "packets";
+    description "No buffer space";
+  };
+  keepalive {
+    severity info;
+    type counter64;
+    units "packets";
+    description "IKE keepalive messages received";
+  };
+  rekey_req {
+    severity info;
+    type counter64;
+    units "packets";
+    description "IKE rekey requests received";
+  };
+  init_sa_req {
+    severity info;
+    type counter64;
+    units "packets";
+    description "IKE EXCHANGE SA requests received";
+  };
+  ike_auth_req {
+    severity info;
+    type counter64;
+    units "packets";
+    description "IKE AUTH SA requests received";
+  };
+};
+paths {
+  "/err/ikev2-ip4" "ike";
+  "/err/ikev2-ip6" "ike";
+  "/err/ikev2-ip4-natt" "ike";
+};
+
 /*
  * Local Variables:
  * eval: (c-set-style "gnu")