aboutsummaryrefslogtreecommitdiffstats
path: root/src/libipsec
diff options
context:
space:
mode:
authorTobias Brunner <tobias@strongswan.org>2012-07-13 14:17:03 +0200
committerTobias Brunner <tobias@strongswan.org>2012-08-08 15:41:03 +0200
commit3b8276b405868c176a936e34579d908dcabd61df (patch)
treec106590ad38323ba08183f0c4262c6884f4256dd /src/libipsec
parent9a11bc09bde8491ba64caf4aa20199ef7e5bd532 (diff)
downloadstrongswan-3b8276b405868c176a936e34579d908dcabd61df.tar.bz2
strongswan-3b8276b405868c176a936e34579d908dcabd61df.tar.xz
Method added to easily compare IPsec policies
Diffstat (limited to 'src/libipsec')
-rw-r--r--src/libipsec/ipsec_policy.c14
-rw-r--r--src/libipsec/ipsec_policy.h15
2 files changed, 29 insertions, 0 deletions
diff --git a/src/libipsec/ipsec_policy.c b/src/libipsec/ipsec_policy.c
index e0e154bef..54bae6a76 100644
--- a/src/libipsec/ipsec_policy.c
+++ b/src/libipsec/ipsec_policy.c
@@ -88,6 +88,19 @@ struct private_ipsec_policy_t {
};
+METHOD(ipsec_policy_t, match, bool,
+ private_ipsec_policy_t *this, traffic_selector_t *src_ts,
+ traffic_selector_t *dst_ts, policy_dir_t direction, u_int32_t reqid,
+ mark_t mark, policy_priority_t priority)
+{
+ return (this->direction == direction &&
+ this->priority == priority &&
+ this->sa.reqid == reqid &&
+ memeq(&this->mark, &mark, sizeof(mark_t)) &&
+ this->src_ts->equals(this->src_ts, src_ts) &&
+ this->dst_ts->equals(this->dst_ts, dst_ts));
+}
+
METHOD(ipsec_policy_t, get_source_ts, traffic_selector_t*,
private_ipsec_policy_t *this)
{
@@ -158,6 +171,7 @@ ipsec_policy_t *ipsec_policy_create(host_t *src, host_t *dst,
INIT(this,
.public = {
+ .match = _match,
.get_source_ts = _get_source_ts,
.get_destination_ts = _get_destination_ts,
.get_direction = _get_direction,
diff --git a/src/libipsec/ipsec_policy.h b/src/libipsec/ipsec_policy.h
index 0f65b1876..08069307a 100644
--- a/src/libipsec/ipsec_policy.h
+++ b/src/libipsec/ipsec_policy.h
@@ -85,6 +85,21 @@ struct ipsec_policy_t {
ipsec_policy_t *(*get_ref)(ipsec_policy_t *this);
/**
+ * Check if this policy matches all given parameters
+ *
+ * @param src_ts source traffic selector
+ * @param dst_ts destination traffic selector
+ * @param direction traffic direction
+ * @param reqid reqid of the policy
+ * @param mark mark for this policy
+ * @param prioirty policy priority
+ * @return TRUE if policy matches all parameters
+ */
+ bool (*match)(ipsec_policy_t *this, traffic_selector_t *src_ts,
+ traffic_selector_t *dst_ts, policy_dir_t direction,
+ u_int32_t reqid, mark_t mark, policy_priority_t priority);
+
+ /**
* Destroy an ipsec_policy_t
*/
void (*destroy)(ipsec_policy_t *this);
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-07 16:46:39 +0000