diff options
| author | Andreas Steffen <andreas.steffen@strongswan.org> | 2016-03-24 18:35:27 +0100 |
|---|---|---|
| committer | Andreas Steffen <andreas.steffen@strongswan.org> | 2016-04-09 16:51:01 +0200 |
| commit | 7f57c4f9fbf3bdd559af054795bdbf2dfaa9b810 (patch) | |
| tree | 610437ec3b355c4c2c0e715f4c574361603c947d /src/libcharon/plugins | |
| parent | 2ba5dadb12dd95c9ba5ff99e619fb33388582661 (diff) | |
| download | strongswan-7f57c4f9fbf3bdd559af054795bdbf2dfaa9b810.tar.bz2 strongswan-7f57c4f9fbf3bdd559af054795bdbf2dfaa9b810.tar.xz | |
Support manually-set IPsec policy priorities
Diffstat (limited to 'src/libcharon/plugins')
| -rw-r--r-- | src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.c | 6 | ||||
| -rw-r--r-- | src/libcharon/plugins/vici/vici_config.c | 2 |
2 files changed, 6 insertions, 2 deletions
diff --git a/src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.c b/src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.c index b147590e3..bad343eba 100644 --- a/src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.c +++ b/src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.c @@ -2397,7 +2397,8 @@ METHOD(kernel_ipsec_t, add_policy, status_t, /* cache the assigned IPsec SA */ assigned_sa = policy_sa_create(this, id->dir, data->type, data->src, data->dst, id->src_ts, id->dst_ts, id->mark, data->sa); - assigned_sa->priority = get_priority(policy, data->prio); + assigned_sa->priority = data->manual_prio ? data->manual_prio : + get_priority(policy, data->prio); /* insert the SA according to its priority */ enumerator = policy->used_by->create_enumerator(policy->used_by); @@ -2576,7 +2577,8 @@ METHOD(kernel_ipsec_t, del_policy, status_t, } /* remove mapping to SA by reqid and priority */ - priority = get_priority(current, data->prio); + priority = data->manual_prio ? data->manual_prio : + get_priority(current, data->prio); enumerator = current->used_by->create_enumerator(current->used_by); while (enumerator->enumerate(enumerator, (void**)&mapping)) { diff --git a/src/libcharon/plugins/vici/vici_config.c b/src/libcharon/plugins/vici/vici_config.c index e3fd9e9e3..8358336af 100644 --- a/src/libcharon/plugins/vici/vici_config.c +++ b/src/libcharon/plugins/vici/vici_config.c @@ -461,6 +461,7 @@ static void log_child_data(child_data_t *data, char *name) DBG2(DBG_CFG, " close_action = %N", action_names, cfg->close_action); DBG2(DBG_CFG, " reqid = %u", cfg->reqid); DBG2(DBG_CFG, " tfc = %d", cfg->tfc); + DBG2(DBG_CFG, " priority = %d", cfg->priority); DBG2(DBG_CFG, " mark_in = %u/%u", cfg->mark_in.value, cfg->mark_in.mask); DBG2(DBG_CFG, " mark_out = %u/%u", @@ -1340,6 +1341,7 @@ CALLBACK(child_kv, bool, { "mark_in", parse_mark, &child->cfg.mark_in }, { "mark_out", parse_mark, &child->cfg.mark_out }, { "tfc_padding", parse_tfc, &child->cfg.tfc }, + { "priority", parse_uint32, &child->cfg.priority }, }; return parse_rules(rules, countof(rules), name, value, |