Tobias Brunner
1b67166921
Unify format of HSR copyright statements
2018-05-23 16:32:53 +02:00
Andreas Steffen
b12c53ce77
Use standard unsigned integer types
2016-03-24 18:52:48 +01:00
Tobias Brunner
e8140531fc
libipsec: Pass the same data to del_policy() as to add_policy()
...
We already do this for the other kernel interfaces.
Fixes e1e88d5add
("libipsec: Don't attempt deletion of any non-IPsec policies")
2016-02-04 11:02:59 +01:00
Tobias Brunner
e1e88d5add
libipsec: Don't attempt deletion of any non-IPsec policies
...
An example are the fallback drop policies installed when updating SAs.
We ignore such policies in add_policy() so there is no point in attempting
to remove them. Since they use different priorities than regular policies
this did not result in policies getting deleted unintentionally but there
was an irritating log message on level 2 that indicated otherwise.
2016-02-04 10:30:56 +01:00
Tobias Brunner
5b883719a1
libipsec: Add support for new policy priority class
2014-06-19 14:20:33 +02:00
Martin Willi
96136a1229
libipsec: check for a policy with the reqid of the SA on decapsulation
...
To prevent a client from sending a packet with a source address of a different
client, we require a policy bound via reqid to the decapsulating SA.
2013-09-13 13:56:43 +02:00
Tobias Brunner
f05b427265
Moved debug.[ch] to utils folder
2012-10-24 16:00:51 +02:00
Tobias Brunner
12642a6831
Moved data structures to new collections subfolder
2012-10-24 16:00:49 +02:00
Tobias Brunner
2e1a19136d
IPsec policies can be looked up based on an IP packet
2012-08-08 15:41:03 +02:00
Tobias Brunner
ed1f0c234f
Order IPsec policies by a pseudo-priority based on the traffic selectors
...
This allows a simple lookup, i.e. just use the first policy that matches
a given IP packet.
2012-08-08 15:41:03 +02:00
Tobias Brunner
7000cf11b1
IPsec policy manager added
...
This version only provides the very simplest management functions.
2012-08-08 15:41:03 +02:00