ip: xfrm: add espintcp encapsulation
While at it, convert xfrm_xfrma_print and xfrm_encap_type_parse to use the UAPI macros for encap_type as suggested by David Ahern, and add the UAPI udp.h header (sync'd from ipsec-next to get the TCP_ENCAP_ESPINTCP definition). Co-developed-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Sabrina Dubroca <sd@queasysnail.net> Signed-off-by: David Ahern <dsahern@gmail.com>
This commit is contained in:
Sabrina Dubroca
David Ahern
parent
4df5ad933c
commit
22aec42679
14
ip/ipxfrm.c
14
ip/ipxfrm.c
|
|
@ -34,6 +34,7 @@
|
||||||
#include <netdb.h>
|
#include <netdb.h>
|
||||||
#include <linux/netlink.h>
|
#include <linux/netlink.h>
|
||||||
#include <linux/rtnetlink.h>
|
#include <linux/rtnetlink.h>
|
||||||
|
#include <linux/udp.h>
|
||||||
|
|
||||||
#include "utils.h"
|
#include "utils.h"
|
||||||
#include "xfrm.h"
|
#include "xfrm.h"
|
||||||
|
|
@ -753,12 +754,15 @@ void xfrm_xfrma_print(struct rtattr *tb[], __u16 family,
|
||||||
|
|
||||||
fprintf(fp, "type ");
|
fprintf(fp, "type ");
|
||||||
switch (e->encap_type) {
|
switch (e->encap_type) {
|
||||||
case 1:
|
case UDP_ENCAP_ESPINUDP_NON_IKE:
|
||||||
fprintf(fp, "espinudp-nonike ");
|
fprintf(fp, "espinudp-nonike ");
|
||||||
break;
|
break;
|
||||||
case 2:
|
case UDP_ENCAP_ESPINUDP:
|
||||||
fprintf(fp, "espinudp ");
|
fprintf(fp, "espinudp ");
|
||||||
break;
|
break;
|
||||||
|
case TCP_ENCAP_ESPINTCP:
|
||||||
|
fprintf(fp, "espintcp ");
|
||||||
|
break;
|
||||||
default:
|
default:
|
||||||
fprintf(fp, "%u ", e->encap_type);
|
fprintf(fp, "%u ", e->encap_type);
|
||||||
break;
|
break;
|
||||||
|
|
@ -1208,9 +1212,11 @@ int xfrm_encap_type_parse(__u16 *type, int *argcp, char ***argvp)
|
||||||
char **argv = *argvp;
|
char **argv = *argvp;
|
||||||
|
|
||||||
if (strcmp(*argv, "espinudp-nonike") == 0)
|
if (strcmp(*argv, "espinudp-nonike") == 0)
|
||||||
*type = 1;
|
*type = UDP_ENCAP_ESPINUDP_NON_IKE;
|
||||||
else if (strcmp(*argv, "espinudp") == 0)
|
else if (strcmp(*argv, "espinudp") == 0)
|
||||||
*type = 2;
|
*type = UDP_ENCAP_ESPINUDP;
|
||||||
|
else if (strcmp(*argv, "espintcp") == 0)
|
||||||
|
*type = TCP_ENCAP_ESPINTCP;
|
||||||
else
|
else
|
||||||
invarg("ENCAP-TYPE value is invalid", *argv);
|
invarg("ENCAP-TYPE value is invalid", *argv);
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -130,7 +130,7 @@ static void usage(void)
|
||||||
"LIMIT-LIST := [ LIMIT-LIST ] limit LIMIT\n"
|
"LIMIT-LIST := [ LIMIT-LIST ] limit LIMIT\n"
|
||||||
"LIMIT := { time-soft | time-hard | time-use-soft | time-use-hard } SECONDS |\n"
|
"LIMIT := { time-soft | time-hard | time-use-soft | time-use-hard } SECONDS |\n"
|
||||||
" { byte-soft | byte-hard } SIZE | { packet-soft | packet-hard } COUNT\n"
|
" { byte-soft | byte-hard } SIZE | { packet-soft | packet-hard } COUNT\n"
|
||||||
"ENCAP := { espinudp | espinudp-nonike } SPORT DPORT OADDR\n"
|
"ENCAP := { espinudp | espinudp-nonike | espintcp } SPORT DPORT OADDR\n"
|
||||||
"DIR := in | out\n");
|
"DIR := in | out\n");
|
||||||
|
|
||||||
exit(-1);
|
exit(-1);
|
||||||
|
|
|
||||||
|
|
@ -207,7 +207,7 @@ ip-xfrm \- transform configuration
|
||||||
|
|
||||||
.ti -8
|
.ti -8
|
||||||
.IR ENCAP " :="
|
.IR ENCAP " :="
|
||||||
.RB "{ " espinudp " | " espinudp-nonike " }"
|
.RB "{ " espinudp " | " espinudp-nonike " | " espintcp " }"
|
||||||
.IR SPORT " " DPORT " " OADDR
|
.IR SPORT " " DPORT " " OADDR
|
||||||
|
|
||||||
.ti -8
|
.ti -8
|
||||||
|
|
@ -548,7 +548,7 @@ sets limits in seconds, bytes, or numbers of packets.
|
||||||
.TP
|
.TP
|
||||||
.I ENCAP
|
.I ENCAP
|
||||||
encapsulates packets with protocol
|
encapsulates packets with protocol
|
||||||
.BR espinudp " or " espinudp-nonike ","
|
.BR espinudp ", " espinudp-nonike ", or " espintcp ","
|
||||||
.RI "using source port " SPORT ", destination port " DPORT
|
.RI "using source port " SPORT ", destination port " DPORT
|
||||||
.RI ", and original address " OADDR "."
|
.RI ", and original address " OADDR "."
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue