Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
View Source
var ( // ErrTunnelProtectionUnsupported error is returned if IPSec tunnel protection is not supported on given VPP version. ErrTunnelProtectionUnsupported = errors.New("IPSec tunnel protection is not supported") )
View Source
var Handler = vpp.RegisterHandler(vpp.HandlerDesc{ Name: "ipsec", HandlerAPI: (*IPSecVppAPI)(nil), })
Functions ¶
func AddHandlerVersion ¶
func AddHandlerVersion(version vpp.Version, msgs []govppapi.Message, h NewHandlerFunc)
Types ¶
type IPSecSaDetails ¶
type IPSecSaDetails struct { Sa *ipsec.SecurityAssociation Meta *IPSecSaMeta }
IPSecSaDetails holds security association with VPP metadata
type IPSecSaMeta ¶
type IPSecSaMeta struct { SaID uint32 Interface string IfIdx uint32 CryptoKeyLen uint8 IntegKeyLen uint8 Salt uint32 // not used for VPP >= 22.10 SeqOutbound uint64 LastSeqInbound uint64 ReplayWindow uint64 TotalDataSize uint64 }
IPSecSaMeta contains all VPP-specific metadata
type IPSecVPPRead ¶
type IPSecVPPRead interface { // DumpIPSecSPD returns a list of IPSec security policy databases DumpIPSecSPD() (spdList []*ipsec.SecurityPolicyDatabase, err error) // DumpIPSecSP returns a list of configured security policies DumpIPSecSP() (spList []*ipsec.SecurityPolicy, err error) // DumpIPSecSA returns a list of configured security associations DumpIPSecSA() (saList []*IPSecSaDetails, err error) // DumpIPSecSAWithIndex returns a security association with provided index DumpIPSecSAWithIndex(saID uint32) (saList []*IPSecSaDetails, err error) // DumpTunnelProtections returns configured IPSec tunnel protections DumpTunnelProtections() (tpList []*ipsec.TunnelProtection, err error) }
IPSecVPPRead provides read methods for IPSec
type IPSecVppAPI ¶
type IPSecVppAPI interface { IPSecVPPRead // AddSPD adds SPD to VPP via binary API AddSPD(spdID uint32) error // DeleteSPD deletes SPD from VPP via binary API DeleteSPD(spdID uint32) error // AddSPDInterface adds SPD interface assignment to VPP via binary API AddSPDInterface(spdID uint32, iface *ipsec.SecurityPolicyDatabase_Interface) error // DeleteSPDInterface deletes SPD interface assignment from VPP via binary API DeleteSPDInterface(spdID uint32, iface *ipsec.SecurityPolicyDatabase_Interface) error // AddSP adds security policy to VPP via binary API AddSP(sp *ipsec.SecurityPolicy) error // DeleteSP deletes security policy from VPP via binary API DeleteSP(sp *ipsec.SecurityPolicy) error // AddSA adds SA to VPP via binary API AddSA(sa *ipsec.SecurityAssociation) error // DeleteSA deletes SA from VPP via binary API DeleteSA(sa *ipsec.SecurityAssociation) error // AddTunnelProtection adds a tunnel protection to VPP via binary API AddTunnelProtection(tp *ipsec.TunnelProtection) error // UpdateTunnelProtection updates a tunnel protection on VPP via binary API UpdateTunnelProtection(tp *ipsec.TunnelProtection) error // DeleteTunnelProtection deletes a tunnel protection from VPP via binary API DeleteTunnelProtection(tp *ipsec.TunnelProtection) error }
IPSecVppAPI provides methods for creating and managing of a IPsec configuration
func CompatibleIPSecVppHandler ¶
func CompatibleIPSecVppHandler(c vpp.Client, ifIdx ifaceidx.IfaceMetadataIndex, log logging.Logger) IPSecVppAPI
type NewHandlerFunc ¶
type NewHandlerFunc func(ch govppapi.Channel, ifDdx ifaceidx.IfaceMetadataIndex, log logging.Logger) IPSecVppAPI
Click to show internal directories.
Click to hide internal directories.