diff options
| author | Yves-Alexis Perez <corsac@debian.org> | 2015-11-18 14:49:27 +0100 |
|---|---|---|
| committer | Yves-Alexis Perez <corsac@debian.org> | 2015-11-18 14:49:27 +0100 |
| commit | 1e980d6be0ef0e243c6fe82b5e855454b97e24a4 (patch) | |
| tree | 0d59eec2ce2ed332434ae80fc78a44db9ad293c5 /src/libhydra/kernel/kernel_ipsec.h | |
| parent | 5dca9ea0e2931f0e2a056c7964d311bcc30a01b8 (diff) | |
| download | vyos-strongswan-1e980d6be0ef0e243c6fe82b5e855454b97e24a4.tar.gz vyos-strongswan-1e980d6be0ef0e243c6fe82b5e855454b97e24a4.zip | |
Imported Upstream version 5.3.4
Diffstat (limited to 'src/libhydra/kernel/kernel_ipsec.h')
| -rw-r--r-- | src/libhydra/kernel/kernel_ipsec.h | 23 |
1 files changed, 10 insertions, 13 deletions
diff --git a/src/libhydra/kernel/kernel_ipsec.h b/src/libhydra/kernel/kernel_ipsec.h index 19caaa400..2458db5b9 100644 --- a/src/libhydra/kernel/kernel_ipsec.h +++ b/src/libhydra/kernel/kernel_ipsec.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2006-2012 Tobias Brunner + * Copyright (C) 2006-2015 Tobias Brunner * Copyright (C) 2006 Daniel Roethlisberger * Copyright (C) 2005-2006 Martin Willi * Copyright (C) 2005 Jan Hutter @@ -186,9 +186,6 @@ struct kernel_ipsec_t { /** * Add a policy to the SPD. * - * A policy is always associated to an SA. Traffic which matches a - * policy is handled by the SA with the same reqid. - * * @param src source address of SA * @param dst dest address of SA * @param src_ts traffic selector to match traffic source @@ -231,24 +228,24 @@ struct kernel_ipsec_t { /** * Remove a policy from the SPD. * - * The kernel interface implements reference counting for policies. - * If the same policy is installed multiple times (in the case of rekeying), - * the reference counter is increased. del_policy() decreases the ref counter - * and removes the policy only when no more references are available. - * + * @param src source address of SA + * @param dst dest address of SA * @param src_ts traffic selector to match traffic source * @param dst_ts traffic selector to match traffic dest * @param direction direction of traffic, POLICY_(IN|OUT|FWD) - * @param reqid unique ID of the associated SA - * @param mark optional mark + * @param type type of policy, POLICY_(IPSEC|PASS|DROP) + * @param sa details about the SA(s) tied to this policy + * @param mark mark for this policy * @param priority priority of the policy * @return SUCCESS if operation completed */ status_t (*del_policy) (kernel_ipsec_t *this, + host_t *src, host_t *dst, traffic_selector_t *src_ts, traffic_selector_t *dst_ts, - policy_dir_t direction, u_int32_t reqid, - mark_t mark, policy_priority_t priority); + policy_dir_t direction, policy_type_t type, + ipsec_sa_cfg_t *sa, mark_t mark, + policy_priority_t priority); /** * Flush all policies from the SPD. |