aboutsummaryrefslogtreecommitdiffstats
path: root/src/libhydra
diff options
context:
space:
mode:
Diffstat (limited to 'src/libhydra')
-rw-r--r--src/libhydra/kernel/kernel_ipsec.h2
-rw-r--r--src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c3
-rw-r--r--src/libhydra/plugins/kernel_pfkey/kernel_pfkey_ipsec.c3
3 files changed, 8 insertions, 0 deletions
diff --git a/src/libhydra/kernel/kernel_ipsec.h b/src/libhydra/kernel/kernel_ipsec.h
index 375945917..986e21fca 100644
--- a/src/libhydra/kernel/kernel_ipsec.h
+++ b/src/libhydra/kernel/kernel_ipsec.h
@@ -98,6 +98,8 @@ enum policy_priority_t {
POLICY_PRIORITY_DEFAULT,
/** Priority for trap policies */
POLICY_PRIORITY_ROUTED,
+ /** Priority for fallback drop policies */
+ POLICY_PRIORITY_FALLBACK,
};
/**
diff --git a/src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c b/src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c
index 26919a613..06720a0f4 100644
--- a/src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c
+++ b/src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c
@@ -575,6 +575,9 @@ static inline u_int32_t get_priority(policy_entry_t *policy,
u_int32_t priority = PRIO_BASE;
switch (prio)
{
+ case POLICY_PRIORITY_FALLBACK:
+ priority <<= 1;
+ /* fall-through */
case POLICY_PRIORITY_ROUTED:
priority <<= 1;
/* fall-through */
diff --git a/src/libhydra/plugins/kernel_pfkey/kernel_pfkey_ipsec.c b/src/libhydra/plugins/kernel_pfkey/kernel_pfkey_ipsec.c
index f96dbcf23..2b07fc2b2 100644
--- a/src/libhydra/plugins/kernel_pfkey/kernel_pfkey_ipsec.c
+++ b/src/libhydra/plugins/kernel_pfkey/kernel_pfkey_ipsec.c
@@ -509,6 +509,9 @@ static inline u_int32_t get_priority(policy_entry_t *policy,
u_int32_t priority = PRIO_BASE;
switch (prio)
{
+ case POLICY_PRIORITY_FALLBACK:
+ priority <<= 1;
+ /* fall-through */
case POLICY_PRIORITY_ROUTED:
priority <<= 1;
/* fall-through */
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-22 21:18:30 +0000