aboutsummaryrefslogtreecommitdiffstats
path: root/src/libhydra/kernel
diff options
context:
space:
mode:
Diffstat (limited to 'src/libhydra/kernel')
-rw-r--r--src/libhydra/kernel/kernel_ipsec.c4
-rw-r--r--src/libhydra/kernel/kernel_ipsec.h4
2 files changed, 7 insertions, 1 deletions
diff --git a/src/libhydra/kernel/kernel_ipsec.c b/src/libhydra/kernel/kernel_ipsec.c
index 383685426..9035196b7 100644
--- a/src/libhydra/kernel/kernel_ipsec.c
+++ b/src/libhydra/kernel/kernel_ipsec.c
@@ -15,10 +15,12 @@
#include "kernel_ipsec.h"
-ENUM(ipsec_mode_names, MODE_TRANSPORT, MODE_BEET,
+ENUM(ipsec_mode_names, MODE_TRANSPORT, MODE_DROP,
"TRANSPORT",
"TUNNEL",
"BEET",
+ "PASS",
+ "DROP"
);
ENUM(policy_dir_names, POLICY_IN, POLICY_FWD,
diff --git a/src/libhydra/kernel/kernel_ipsec.h b/src/libhydra/kernel/kernel_ipsec.h
index ef36efd11..e7b62ad1f 100644
--- a/src/libhydra/kernel/kernel_ipsec.h
+++ b/src/libhydra/kernel/kernel_ipsec.h
@@ -47,6 +47,10 @@ enum ipsec_mode_t {
MODE_TUNNEL,
/** BEET mode, tunnel mode but fixed, bound inner addresses */
MODE_BEET,
+ /** passthrough policy for traffic without an IPsec SA */
+ MODE_PASS,
+ /** drop policy discarding traffic */
+ MODE_DROP
};
/**
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-23 23:34:30 +0000