ipsec.h File Reference

Include dependency graph for ipsec.h:

This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Data Structures
struct	ipsec_sa_t
struct	ip46_address_range_t
struct	port_range_t
struct	ipsec_add_del_tunnel_args_t
struct	ipsec_add_del_ipsec_gre_tunnel_args_t
struct	ipsec_policy_t
struct	ipsec_spd_t
struct	ip4_ipsec_config_t
struct	ip6_ipsec_config_t
struct	ipsec_tunnel_if_t
struct	ipsec_main_t

Macros
#define	IPSEC_FLAG_IPSEC_GRE_TUNNEL   (1 << 0)
#define	foreach_ipsec_policy_action
#define	foreach_ipsec_crypto_alg
#define	foreach_ipsec_integ_alg

Enumerations
enum	ipsec_policy_action_t { IPSEC_POLICY_N_ACTION }
enum	ipsec_crypto_alg_t { IPSEC_CRYPTO_N_ALG }
enum	ipsec_integ_alg_t { IPSEC_INTEG_N_ALG }
enum	ipsec_protocol_t { IPSEC_PROTOCOL_AH = 0, IPSEC_PROTOCOL_ESP = 1 }
enum	ipsec_if_set_key_type_t {   IPSEC_IF_SET_KEY_TYPE_NONE, IPSEC_IF_SET_KEY_TYPE_LOCAL_CRYPTO, IPSEC_IF_SET_KEY_TYPE_REMOTE_CRYPTO, IPSEC_IF_SET_KEY_TYPE_LOCAL_INTEG,   IPSEC_IF_SET_KEY_TYPE_REMOTE_INTEG }

Functions
int	ipsec_set_interface_spd (vlib_main_t *vm, u32 sw_if_index, u32 spd_id, int is_add)
int	ipsec_add_del_spd (vlib_main_t *vm, u32 spd_id, int is_add)
int	ipsec_add_del_policy (vlib_main_t *vm, ipsec_policy_t *policy, int is_add)
int	ipsec_add_del_sa (vlib_main_t *vm, ipsec_sa_t *new_sa, int is_add)
int	ipsec_set_sa_key (vlib_main_t *vm, ipsec_sa_t *sa_update)
u32	ipsec_get_sa_index_by_sa_id (u32 sa_id)
u8 *	format_ipsec_if_output_trace (u8 *s, va_list *args)
u8 *	format_ipsec_policy_action (u8 *s, va_list *args)
u8 *	format_ipsec_crypto_alg (u8 *s, va_list *args)
u8 *	format_ipsec_integ_alg (u8 *s, va_list *args)
u8 *	format_ipsec_replay_window (u8 *s, va_list *args)
uword	unformat_ipsec_policy_action (unformat_input_t *input, va_list *args)
uword	unformat_ipsec_crypto_alg (unformat_input_t *input, va_list *args)
uword	unformat_ipsec_integ_alg (unformat_input_t *input, va_list *args)
int	ipsec_add_del_tunnel_if (ipsec_add_del_tunnel_args_t *args)
int	ipsec_add_del_ipsec_gre_tunnel (vnet_main_t *vnm, ipsec_add_del_ipsec_gre_tunnel_args_t *args)
int	ipsec_set_interface_key (vnet_main_t *vnm, u32 hw_if_index, ipsec_if_set_key_type_t type, u8 alg, u8 *key)
static void	ipsec_alloc_empty_buffers (vlib_main_t *vm, ipsec_main_t *im)
static_always_inline u32	get_next_output_feature_node_index (vnet_main_t *vnm, vlib_buffer_t *b)

Variables
ipsec_main_t	ipsec_main
vlib_node_registration_t	esp_encrypt_node
	(constructor) VLIB_REGISTER_NODE (esp_encrypt_node) More...
vlib_node_registration_t	esp_decrypt_node
	(constructor) VLIB_REGISTER_NODE (esp_decrypt_node) More...
vlib_node_registration_t	ipsec_if_output_node
	(constructor) VLIB_REGISTER_NODE (ipsec_if_output_node) More...
vlib_node_registration_t	ipsec_if_input_node
	(constructor) VLIB_REGISTER_NODE (ipsec_if_input_node) More...

Macro Definition Documentation

#define foreach_ipsec_crypto_alg

Value:

_(0, NONE,  "none")               \
  _(1, AES_CBC_128, "aes-cbc-128")  \
  _(2, AES_CBC_192, "aes-cbc-192")  \
  _(3, AES_CBC_256, "aes-cbc-256")

Definition at line 35 of file ipsec.h.

#define foreach_ipsec_integ_alg

Value:

_(0, NONE,  "none")                                                     \
  _(1, MD5_96, "md5-96")           /* RFC2403 */                          \
  _(2, SHA1_96, "sha1-96")         /* RFC2404 */                          \
  _(3, SHA_256_96, "sha-256-96")   /* draft-ietf-ipsec-ciph-sha-256-00 */ \
  _(4, SHA_256_128, "sha-256-128") /* RFC4868 */                          \
  _(5, SHA_384_192, "sha-384-192") /* RFC4868 */                          \
  _(6, SHA_512_256, "sha-512-256")      /* RFC4868 */

Definition at line 49 of file ipsec.h.

#define foreach_ipsec_policy_action

Value:

_(0, BYPASS,  "bypass")          \
  _(1, DISCARD, "discard")         \
  _(2, RESOLVE, "resolve")         \
  _(3, PROTECT, "protect")

Definition at line 21 of file ipsec.h.

#define IPSEC_FLAG_IPSEC_GRE_TUNNEL   (1 << 0)

Definition at line 19 of file ipsec.h.

Enumeration Type Documentation

enum ipsec_crypto_alg_t

Enumerator
IPSEC_CRYPTO_N_ALG

Definition at line 41 of file ipsec.h.

enum ipsec_if_set_key_type_t

Enumerator
IPSEC_IF_SET_KEY_TYPE_NONE
IPSEC_IF_SET_KEY_TYPE_LOCAL_CRYPTO
IPSEC_IF_SET_KEY_TYPE_REMOTE_CRYPTO
IPSEC_IF_SET_KEY_TYPE_LOCAL_INTEG
IPSEC_IF_SET_KEY_TYPE_REMOTE_INTEG

Definition at line 141 of file ipsec.h.

enum ipsec_integ_alg_t

Enumerator
IPSEC_INTEG_N_ALG

Definition at line 58 of file ipsec.h.

enum ipsec_policy_action_t

Enumerator
IPSEC_POLICY_N_ACTION

Definition at line 27 of file ipsec.h.

enum ipsec_protocol_t

Enumerator
IPSEC_PROTOCOL_AH
IPSEC_PROTOCOL_ESP

Definition at line 66 of file ipsec.h.

Function Documentation

u8* format_ipsec_crypto_alg	(	u8 *	s,
		va_list *	args
	)

Definition at line 58 of file ipsec_format.c.

Here is the call graph for this function:

Here is the caller graph for this function:

u8* format_ipsec_if_output_trace	(	u8 *	s,
		va_list *	args
	)

Definition at line 58 of file ipsec_if_out.c.

Here is the call graph for this function:

Here is the caller graph for this function:

u8* format_ipsec_integ_alg	(	u8 *	s,
		va_list *	args
	)

Definition at line 90 of file ipsec_format.c.

Here is the call graph for this function:

Here is the caller graph for this function:

u8* format_ipsec_policy_action	(	u8 *	s,
		va_list *	args
	)

Definition at line 26 of file ipsec_format.c.

Here is the call graph for this function:

u8* format_ipsec_replay_window	(	u8 *	s,
		va_list *	args
	)

Definition at line 122 of file ipsec_format.c.

Here is the call graph for this function:

static_always_inline u32 get_next_output_feature_node_index	(	vnet_main_t *	vnm,
		vlib_buffer_t *	b
	)

Definition at line 311 of file ipsec.h.

Here is the call graph for this function:

int ipsec_add_del_ipsec_gre_tunnel	(	vnet_main_t *	vnm,
		ipsec_add_del_ipsec_gre_tunnel_args_t *	args
	)

Definition at line 198 of file ipsec_if.c.

Here is the call graph for this function:

Here is the caller graph for this function:

int ipsec_add_del_policy	(	vlib_main_t *	vm,
		ipsec_policy_t *	policy,
		int	is_add
	)

Definition at line 171 of file ipsec.c.

Here is the call graph for this function:

Here is the caller graph for this function:

int ipsec_add_del_sa	(	vlib_main_t *	vm,
		ipsec_sa_t *	new_sa,
		int	is_add
	)

Definition at line 430 of file ipsec.c.

Here is the call graph for this function:

Here is the caller graph for this function:

int ipsec_add_del_spd	(	vlib_main_t *	vm,
		u32	spd_id,
		int	is_add
	)

Definition at line 105 of file ipsec.c.

Here is the caller graph for this function:

int ipsec_add_del_tunnel_if

(

ipsec_add_del_tunnel_args_t *

args

)

Definition at line 65 of file ipsec_if.c.

Here is the call graph for this function:

Here is the caller graph for this function:

static void ipsec_alloc_empty_buffers ( vlib_main_t *  vm, ipsec_main_t *  im  )

inlinestatic

Definition at line 281 of file ipsec.h.

Here is the call graph for this function:

Here is the caller graph for this function:

u32 ipsec_get_sa_index_by_sa_id

(

u32

sa_id

)

Definition at line 28 of file ipsec.c.

Here is the caller graph for this function:

int ipsec_set_interface_key	(	vnet_main_t *	vnm,
		u32	hw_if_index,
		ipsec_if_set_key_type_t	type,
		u8	alg,
		u8 *	key
	)

Definition at line 260 of file ipsec_if.c.

Here is the call graph for this function:

Here is the caller graph for this function:

int ipsec_set_interface_spd	(	vlib_main_t *	vm,
		u32	sw_if_index,
		u32	spd_id,
		int	is_add
	)

Definition at line 39 of file ipsec.c.

Here is the call graph for this function:

Here is the caller graph for this function:

int ipsec_set_sa_key	(	vlib_main_t *	vm,
		ipsec_sa_t *	sa_update
	)

Definition at line 468 of file ipsec.c.

Here is the caller graph for this function:

uword unformat_ipsec_crypto_alg	(	unformat_input_t *	input,
		va_list *	args
	)

Definition at line 76 of file ipsec_format.c.

Here is the caller graph for this function:

uword unformat_ipsec_integ_alg	(	unformat_input_t *	input,
		va_list *	args
	)

Definition at line 108 of file ipsec_format.c.

Here is the caller graph for this function:

uword unformat_ipsec_policy_action	(	unformat_input_t *	input,
		va_list *	args
	)

Definition at line 44 of file ipsec_format.c.

Here is the caller graph for this function:

Variable Documentation

vlib_node_registration_t esp_decrypt_node

(constructor) VLIB_REGISTER_NODE (esp_decrypt_node)

Definition at line 522 of file esp_decrypt.c.

vlib_node_registration_t esp_encrypt_node

(constructor) VLIB_REGISTER_NODE (esp_encrypt_node)

Definition at line 62 of file esp_encrypt.c.

vlib_node_registration_t ipsec_if_input_node

(constructor) VLIB_REGISTER_NODE (ipsec_if_input_node)

Definition at line 144 of file ipsec_if_in.c.

vlib_node_registration_t ipsec_if_output_node

(constructor) VLIB_REGISTER_NODE (ipsec_if_output_node)

Definition at line 131 of file ipsec_if_out.c.

ipsec_main_t ipsec_main

Definition at line 238 of file ipsec.h.