aboutsummaryrefslogtreecommitdiffstats
path: root/src/libhydra/plugins/kernel_pfkey/kernel_pfkey_ipsec.c
diff options
context:
space:
mode:
authorAndreas Steffen <andreas.steffen@strongswan.org>2011-07-05 21:57:27 +0200
committerAndreas Steffen <andreas.steffen@strongswan.org>2011-07-05 21:57:45 +0200
commit06b5b618380f8a036d2422d8cc79498c6f0e93d1 (patch)
treedd6ebc56b82dfedc0ac495979bd4eaaa98a754b5 /src/libhydra/plugins/kernel_pfkey/kernel_pfkey_ipsec.c
parenta7edbd219f5c1706ffc7212bd7705c170af44de7 (diff)
downloadstrongswan-06b5b618380f8a036d2422d8cc79498c6f0e93d1.tar.bz2
strongswan-06b5b618380f8a036d2422d8cc79498c6f0e93d1.tar.xz
install PASS and DROP shunt policies via PFKEYv2 interface
Diffstat (limited to 'src/libhydra/plugins/kernel_pfkey/kernel_pfkey_ipsec.c')
-rw-r--r--src/libhydra/plugins/kernel_pfkey/kernel_pfkey_ipsec.c13
1 files changed, 12 insertions, 1 deletions
diff --git a/src/libhydra/plugins/kernel_pfkey/kernel_pfkey_ipsec.c b/src/libhydra/plugins/kernel_pfkey/kernel_pfkey_ipsec.c
index e32866a06..75336f2f6 100644
--- a/src/libhydra/plugins/kernel_pfkey/kernel_pfkey_ipsec.c
+++ b/src/libhydra/plugins/kernel_pfkey/kernel_pfkey_ipsec.c
@@ -1649,7 +1649,18 @@ METHOD(kernel_ipsec_t, add_policy, status_t,
pol->sadb_x_policy_len = PFKEY_LEN(sizeof(struct sadb_x_policy));
pol->sadb_x_policy_id = 0;
pol->sadb_x_policy_dir = dir2kernel(direction);
- pol->sadb_x_policy_type = IPSEC_POLICY_IPSEC;
+ switch (type)
+ {
+ case POLICY_IPSEC:
+ pol->sadb_x_policy_type = IPSEC_POLICY_IPSEC;
+ break;
+ case POLICY_PASS:
+ pol->sadb_x_policy_type = IPSEC_POLICY_NONE;
+ break;
+ case POLICY_DROP:
+ pol->sadb_x_policy_type = IPSEC_POLICY_DISCARD;
+ break;
+ }
#ifdef HAVE_STRUCT_SADB_X_POLICY_SADB_X_POLICY_PRIORITY
/* calculate priority based on selector size, small size = high prio */
pol->sadb_x_policy_priority = routed ? PRIO_LOW : PRIO_HIGH;