static walk_rc_t
ipsec_tun_protect_show_one (index_t itpi, void *ctx)
{
- vlib_cli_output (ctx, "%U", format_ipsec_tun_protect, itpi);
+ vlib_cli_output (ctx, "%U", format_ipsec_tun_protect_index, itpi);
return (WALK_CONTINUE);
}
unformat_input_t _line_input, *line_input = &_line_input;
ip46_address_t local_ip = ip46_address_initializer;
ip46_address_t remote_ip = ip46_address_initializer;
+ ip_address_t nh = IP_ADDRESS_V4_ALL_0S;
ipsec_crypto_alg_t crypto_alg;
ipsec_integ_alg_t integ_alg;
ipsec_sa_flags_t flags;
;
else if (unformat (line_input, "del"))
is_add = 0;
+ else if (unformat (line_input, "nh &U", unformat_ip_address, &nh))
+ ;
else
{
error = clib_error_return (0, "unknown input `%U'",
rv =
ipip_add_tunnel (ipv6_set ? IPIP_TRANSPORT_IP6 : IPIP_TRANSPORT_IP4,
instance, &local_ip, &remote_ip, fib_index,
- IPIP_TUNNEL_FLAG_NONE, IP_DSCP_CS0, &sw_if_index);
+ TUNNEL_ENCAP_DECAP_FLAG_NONE, IP_DSCP_CS0,
+ TUNNEL_MODE_P2P, &sw_if_index);
rv |=
ipsec_sa_add_and_lock (ipsec_tun_mk_local_sa_id (sw_if_index),
local_spi, IPSEC_PROTOCOL_ESP, crypto_alg,
clib_host_to_net_u32 (salt), &remote_ip,
&local_ip, NULL);
rv |=
- ipsec_tun_protect_update_one (sw_if_index,
+ ipsec_tun_protect_update_one (sw_if_index, &nh,
ipsec_tun_mk_local_sa_id (sw_if_index),
ipsec_tun_mk_remote_sa_id
(sw_if_index));
{
unformat_input_t _line_input, *line_input = &_line_input;
u32 sw_if_index, is_del, sa_in, sa_out, *sa_ins = NULL;
+ ip_address_t peer = { };
vnet_main_t *vnm;
is_del = 0;
else if (unformat (line_input, "%U",
unformat_vnet_sw_interface, vnm, &sw_if_index))
;
+ else if (unformat (line_input, "%U", unformat_ip_address, &peer))
+ ;
else
return (clib_error_return (0, "unknown input '%U'",
format_unformat_error, line_input));
}
if (!is_del)
- ipsec_tun_protect_update (sw_if_index, sa_out, sa_ins);
+ ipsec_tun_protect_update (sw_if_index, &peer, sa_out, sa_ins);
unformat_free (line_input);
return NULL;
Code Review / vpp.git / blobdiff