diff options
author | Andreas Steffen <andreas.steffen@strongswan.org> | 2011-07-05 21:57:27 +0200 |
---|---|---|
committer | Andreas Steffen <andreas.steffen@strongswan.org> | 2011-07-05 21:57:45 +0200 |
commit | 06b5b618380f8a036d2422d8cc79498c6f0e93d1 (patch) | |
tree | dd6ebc56b82dfedc0ac495979bd4eaaa98a754b5 /src/libhydra/plugins/kernel_pfkey/kernel_pfkey_ipsec.c | |
parent | a7edbd219f5c1706ffc7212bd7705c170af44de7 (diff) | |
download | strongswan-06b5b618380f8a036d2422d8cc79498c6f0e93d1.tar.bz2 strongswan-06b5b618380f8a036d2422d8cc79498c6f0e93d1.tar.xz |
install PASS and DROP shunt policies via PFKEYv2 interface
Diffstat (limited to 'src/libhydra/plugins/kernel_pfkey/kernel_pfkey_ipsec.c')
-rw-r--r-- | src/libhydra/plugins/kernel_pfkey/kernel_pfkey_ipsec.c | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/src/libhydra/plugins/kernel_pfkey/kernel_pfkey_ipsec.c b/src/libhydra/plugins/kernel_pfkey/kernel_pfkey_ipsec.c index e32866a06..75336f2f6 100644 --- a/src/libhydra/plugins/kernel_pfkey/kernel_pfkey_ipsec.c +++ b/src/libhydra/plugins/kernel_pfkey/kernel_pfkey_ipsec.c @@ -1649,7 +1649,18 @@ METHOD(kernel_ipsec_t, add_policy, status_t, pol->sadb_x_policy_len = PFKEY_LEN(sizeof(struct sadb_x_policy)); pol->sadb_x_policy_id = 0; pol->sadb_x_policy_dir = dir2kernel(direction); - pol->sadb_x_policy_type = IPSEC_POLICY_IPSEC; + switch (type) + { + case POLICY_IPSEC: + pol->sadb_x_policy_type = IPSEC_POLICY_IPSEC; + break; + case POLICY_PASS: + pol->sadb_x_policy_type = IPSEC_POLICY_NONE; + break; + case POLICY_DROP: + pol->sadb_x_policy_type = IPSEC_POLICY_DISCARD; + break; + } #ifdef HAVE_STRUCT_SADB_X_POLICY_SADB_X_POLICY_PRIORITY /* calculate priority based on selector size, small size = high prio */ pol->sadb_x_policy_priority = routed ? PRIO_LOW : PRIO_HIGH; |