aboutsummaryrefslogtreecommitdiffstats
path: root/src/libcharon/config/child_cfg.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/libcharon/config/child_cfg.c')
-rw-r--r--src/libcharon/config/child_cfg.c38
1 files changed, 36 insertions, 2 deletions
diff --git a/src/libcharon/config/child_cfg.c b/src/libcharon/config/child_cfg.c
index a33502eff..d3f688a5d 100644
--- a/src/libcharon/config/child_cfg.c
+++ b/src/libcharon/config/child_cfg.c
@@ -114,11 +114,20 @@ struct private_child_cfg_t {
u_int32_t inactivity;
/**
- * Reqid to install CHIL_SA with
+ * Reqid to install CHILD_SA with
*/
u_int32_t reqid;
/**
+ * Optional mark to install inbound CHILD_SA with
+ */
+ mark_t mark_in;
+
+ /**
+ * Optional mark to install outbound CHILD_SA with
+ */
+ mark_t mark_out;
+ /**
* set up IPsec transport SA in MIPv6 proxy mode
*/
bool proxy_mode;
@@ -461,6 +470,14 @@ static u_int32_t get_reqid(private_child_cfg_t *this)
}
/**
+ * Implementation of child_cfg_t.get_mark.
+ */
+static mark_t get_mark(private_child_cfg_t *this, bool inbound)
+{
+ return inbound ? this->mark_in : this->mark_out;
+}
+
+/**
* Implementation of child_cfg_t.set_mipv6_options.
*/
static void set_mipv6_options(private_child_cfg_t *this, bool proxy_mode,
@@ -521,7 +538,8 @@ child_cfg_t *child_cfg_create(char *name, lifetime_cfg_t *lifetime,
char *updown, bool hostaccess,
ipsec_mode_t mode, action_t dpd_action,
action_t close_action, bool ipcomp,
- u_int32_t inactivity, u_int32_t reqid)
+ u_int32_t inactivity, u_int32_t reqid,
+ mark_t *mark)
{
private_child_cfg_t *this = malloc_thing(private_child_cfg_t);
@@ -542,6 +560,7 @@ child_cfg_t *child_cfg_create(char *name, lifetime_cfg_t *lifetime,
this->public.use_ipcomp = (bool (*) (child_cfg_t *))use_ipcomp;
this->public.get_inactivity = (u_int32_t (*) (child_cfg_t *))get_inactivity;
this->public.get_reqid = (u_int32_t (*) (child_cfg_t *))get_reqid;
+ this->public.get_mark = (mark_t (*) (child_cfg_t *,bool))get_mark;
this->public.use_proxy_mode = (bool (*) (child_cfg_t *))use_proxy_mode;
this->public.install_policy = (bool (*) (child_cfg_t *))install_policy;
this->public.get_ref = (child_cfg_t* (*) (child_cfg_t*))get_ref;
@@ -556,6 +575,21 @@ child_cfg_t *child_cfg_create(char *name, lifetime_cfg_t *lifetime,
this->use_ipcomp = ipcomp;
this->inactivity = inactivity;
this->reqid = reqid;
+
+ /* TODO configure separate inbound and outbound marks */
+ if (mark)
+ {
+ this->mark_in = *mark;
+ this->mark_out = *mark;
+ }
+ else
+ {
+ this->mark_in.value = 0;
+ this->mark_in.mask = 0;
+ this->mark_out.value = 0;
+ this->mark_out.mask = 0;
+ }
+
this->proxy_mode = FALSE;
this->install_policy = TRUE;
this->refcount = 1;
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-17 15:46:44 +0000