diff options
author | Tobias Brunner <tobias@strongswan.org> | 2012-07-13 14:17:03 +0200 |
---|---|---|
committer | Tobias Brunner <tobias@strongswan.org> | 2012-08-08 15:41:03 +0200 |
commit | 3b8276b405868c176a936e34579d908dcabd61df (patch) | |
tree | c106590ad38323ba08183f0c4262c6884f4256dd /src/libipsec | |
parent | 9a11bc09bde8491ba64caf4aa20199ef7e5bd532 (diff) | |
download | strongswan-3b8276b405868c176a936e34579d908dcabd61df.tar.bz2 strongswan-3b8276b405868c176a936e34579d908dcabd61df.tar.xz |
Method added to easily compare IPsec policies
Diffstat (limited to 'src/libipsec')
-rw-r--r-- | src/libipsec/ipsec_policy.c | 14 | ||||
-rw-r--r-- | src/libipsec/ipsec_policy.h | 15 |
2 files changed, 29 insertions, 0 deletions
diff --git a/src/libipsec/ipsec_policy.c b/src/libipsec/ipsec_policy.c index e0e154bef..54bae6a76 100644 --- a/src/libipsec/ipsec_policy.c +++ b/src/libipsec/ipsec_policy.c @@ -88,6 +88,19 @@ struct private_ipsec_policy_t { }; +METHOD(ipsec_policy_t, match, bool, + private_ipsec_policy_t *this, traffic_selector_t *src_ts, + traffic_selector_t *dst_ts, policy_dir_t direction, u_int32_t reqid, + mark_t mark, policy_priority_t priority) +{ + return (this->direction == direction && + this->priority == priority && + this->sa.reqid == reqid && + memeq(&this->mark, &mark, sizeof(mark_t)) && + this->src_ts->equals(this->src_ts, src_ts) && + this->dst_ts->equals(this->dst_ts, dst_ts)); +} + METHOD(ipsec_policy_t, get_source_ts, traffic_selector_t*, private_ipsec_policy_t *this) { @@ -158,6 +171,7 @@ ipsec_policy_t *ipsec_policy_create(host_t *src, host_t *dst, INIT(this, .public = { + .match = _match, .get_source_ts = _get_source_ts, .get_destination_ts = _get_destination_ts, .get_direction = _get_direction, diff --git a/src/libipsec/ipsec_policy.h b/src/libipsec/ipsec_policy.h index 0f65b1876..08069307a 100644 --- a/src/libipsec/ipsec_policy.h +++ b/src/libipsec/ipsec_policy.h @@ -85,6 +85,21 @@ struct ipsec_policy_t { ipsec_policy_t *(*get_ref)(ipsec_policy_t *this); /** + * Check if this policy matches all given parameters + * + * @param src_ts source traffic selector + * @param dst_ts destination traffic selector + * @param direction traffic direction + * @param reqid reqid of the policy + * @param mark mark for this policy + * @param prioirty policy priority + * @return TRUE if policy matches all parameters + */ + bool (*match)(ipsec_policy_t *this, traffic_selector_t *src_ts, + traffic_selector_t *dst_ts, policy_dir_t direction, + u_int32_t reqid, mark_t mark, policy_priority_t priority); + + /** * Destroy an ipsec_policy_t */ void (*destroy)(ipsec_policy_t *this); |