aboutsummaryrefslogtreecommitdiffstats
path: root/src/libipsec/ipsec_policy.c
diff options
context:
space:
mode:
authorTobias Brunner <tobias@strongswan.org>2012-07-13 15:18:07 +0200
committerTobias Brunner <tobias@strongswan.org>2012-08-08 15:41:03 +0200
commit2e1a19136d8123e5a8c9aa99afbb4a51d92ec2a6 (patch)
tree9488d7e0e43cafe3bd7aa5a9f93af9f88eca7244 /src/libipsec/ipsec_policy.c
parent2dd47c244275abc43a597b50b95a792d1aecc3cd (diff)
downloadstrongswan-2e1a19136d8123e5a8c9aa99afbb4a51d92ec2a6.tar.bz2
strongswan-2e1a19136d8123e5a8c9aa99afbb4a51d92ec2a6.tar.xz
IPsec policies can be looked up based on an IP packet
Diffstat (limited to 'src/libipsec/ipsec_policy.c')
-rw-r--r--src/libipsec/ipsec_policy.c13
1 files changed, 13 insertions, 0 deletions
diff --git a/src/libipsec/ipsec_policy.c b/src/libipsec/ipsec_policy.c
index 54bae6a76..af8ea9f9d 100644
--- a/src/libipsec/ipsec_policy.c
+++ b/src/libipsec/ipsec_policy.c
@@ -101,6 +101,18 @@ METHOD(ipsec_policy_t, match, bool,
this->dst_ts->equals(this->dst_ts, dst_ts));
}
+METHOD(ipsec_policy_t, match_packet, bool,
+ private_ipsec_policy_t *this, ip_packet_t *packet)
+{
+ u_int8_t proto = packet->get_next_header(packet);
+ host_t *src = packet->get_source(packet),
+ *dst = packet->get_destination(packet);
+
+ return (!this->protocol || this->protocol == proto) &&
+ this->src_ts->includes(this->src_ts, src) &&
+ this->dst_ts->includes(this->dst_ts, dst);
+}
+
METHOD(ipsec_policy_t, get_source_ts, traffic_selector_t*,
private_ipsec_policy_t *this)
{
@@ -172,6 +184,7 @@ ipsec_policy_t *ipsec_policy_create(host_t *src, host_t *dst,
INIT(this,
.public = {
.match = _match,
+ .match_packet = _match_packet,
.get_source_ts = _get_source_ts,
.get_destination_ts = _get_destination_ts,
.get_direction = _get_direction,
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-21 07:48:48 +0000