From 0b0f466bbc9d63b84fd9e893c0eccddb92202c8a Mon Sep 17 00:00:00 2001
From: Tobias Brunner <tobias@strongswan.org>
Date: Fri, 21 Oct 2011 13:37:16 +0200
Subject: Defined functions in the kernel interface to flush SAD and SPD
 entries.

---
 src/libhydra/kernel/kernel_ipsec.h | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

(limited to 'src/libhydra/kernel/kernel_ipsec.h')

diff --git a/src/libhydra/kernel/kernel_ipsec.h b/src/libhydra/kernel/kernel_ipsec.h
index eacf7c79f..ddb63283c 100644
--- a/src/libhydra/kernel/kernel_ipsec.h
+++ b/src/libhydra/kernel/kernel_ipsec.h
@@ -305,6 +305,13 @@ struct kernel_ipsec_t {
 						u_int32_t spi, u_int8_t protocol, u_int16_t cpi,
 						mark_t mark);
 
+	/**
+	 * Flush all SAs from the SAD.
+	 *
+	 * @return				SUCCESS if operation completed
+	 */
+	status_t (*flush_sas) (kernel_ipsec_t *this);
+
 	/**
 	 * Add a policy to the SPD.
 	 *
@@ -372,6 +379,13 @@ struct kernel_ipsec_t {
 							policy_dir_t direction, u_int32_t reqid,
 							mark_t mark, policy_priority_t priority);
 
+	/**
+	 * Flush all policies from the SPD.
+	 *
+	 * @return				SUCCESS if operation completed
+	 */
+	status_t (*flush_policies) (kernel_ipsec_t *this);
+
 	/**
 	 * Install a bypass policy for the given socket.
 	 *
-- 
cgit v1.2.3