diff options
| author | Tobias Brunner <tobias@strongswan.org> | 2012-07-13 15:18:07 +0200 |
|---|---|---|
| committer | Tobias Brunner <tobias@strongswan.org> | 2012-08-08 15:41:03 +0200 |
| commit | 2e1a19136d8123e5a8c9aa99afbb4a51d92ec2a6 (patch) | |
| tree | 9488d7e0e43cafe3bd7aa5a9f93af9f88eca7244 /src/libipsec/ipsec_policy_mgr.c | |
| parent | 2dd47c244275abc43a597b50b95a792d1aecc3cd (diff) | |
| download | strongswan-2e1a19136d8123e5a8c9aa99afbb4a51d92ec2a6.tar.bz2 strongswan-2e1a19136d8123e5a8c9aa99afbb4a51d92ec2a6.tar.xz | |
IPsec policies can be looked up based on an IP packet
Diffstat (limited to 'src/libipsec/ipsec_policy_mgr.c')
| -rw-r--r-- | src/libipsec/ipsec_policy_mgr.c | 27 |
1 files changed, 26 insertions, 1 deletions
diff --git a/src/libipsec/ipsec_policy_mgr.c b/src/libipsec/ipsec_policy_mgr.c index 70447b237..41ba792c3 100644 --- a/src/libipsec/ipsec_policy_mgr.c +++ b/src/libipsec/ipsec_policy_mgr.c @@ -16,7 +16,6 @@ */ #include "ipsec_policy_mgr.h" -#include "ipsec_policy.h" #include <debug.h> #include <threading/rwlock.h> @@ -230,6 +229,31 @@ METHOD(ipsec_policy_mgr_t, flush_policies, status_t, return SUCCESS; } +METHOD(ipsec_policy_mgr_t, find_by_packet, ipsec_policy_t*, + private_ipsec_policy_mgr_t *this, ip_packet_t *packet, bool inbound) +{ + enumerator_t *enumerator; + ipsec_policy_entry_t *current; + ipsec_policy_t *found = NULL; + + this->lock->read_lock(this->lock); + enumerator = this->policies->create_enumerator(this->policies); + while (enumerator->enumerate(enumerator, (void**)¤t)) + { + ipsec_policy_t *policy = current->policy; + + if ((inbound == (policy->get_direction(policy) == POLICY_IN)) && + policy->match_packet(policy, packet)) + { + found = policy->get_ref(policy); + break; + } + } + enumerator->destroy(enumerator); + this->lock->unlock(this->lock); + return found; +} + METHOD(ipsec_policy_mgr_t, destroy, void, private_ipsec_policy_mgr_t *this) { @@ -251,6 +275,7 @@ ipsec_policy_mgr_t *ipsec_policy_mgr_create() .add_policy = _add_policy, .del_policy = _del_policy, .flush_policies = _flush_policies, + .find_by_packet = _find_by_packet, .destroy = _destroy, }, .policies = linked_list_create(), |