Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
View Source
var ( // ErrTunnelProtectionUnsupported error is returned if IPSec tunnel protection is not supported on given VPP version. ErrTunnelProtectionUnsupported = errors.New("IPSec tunnel protection is not supported") )
View Source
var Handler = vpp.RegisterHandler(vpp.HandlerDesc{ Name: "ipsec", HandlerAPI: (*IPSecVppAPI)(nil), })
Functions ¶
func AddHandlerVersion ¶
func AddHandlerVersion(version vpp.Version, msgs []govppapi.Message, h NewHandlerFunc)
Types ¶
type IPSecSaDetails ¶
type IPSecSaDetails struct {
Sa *ipsec.SecurityAssociation
Meta *IPSecSaMeta
}
IPSecSaDetails holds security association with VPP metadata
type IPSecSaMeta ¶
type IPSecSaMeta struct {
SaID uint32
Interface string
IfIdx uint32
CryptoKeyLen uint8
IntegKeyLen uint8
Salt uint32 // not used for VPP >= 22.10
SeqOutbound uint64
LastSeqInbound uint64
ReplayWindow uint64
TotalDataSize uint64
}
IPSecSaMeta contains all VPP-specific metadata
type IPSecVPPRead ¶
type IPSecVPPRead interface {
// DumpIPSecSPD returns a list of IPSec security policy databases
DumpIPSecSPD() (spdList []*ipsec.SecurityPolicyDatabase, err error)
// DumpIPSecSP returns a list of configured security policies
DumpIPSecSP() (spList []*ipsec.SecurityPolicy, err error)
// DumpIPSecSA returns a list of configured security associations
DumpIPSecSA() (saList []*IPSecSaDetails, err error)
// DumpIPSecSAWithIndex returns a security association with provided index
DumpIPSecSAWithIndex(saID uint32) (saList []*IPSecSaDetails, err error)
// DumpTunnelProtections returns configured IPSec tunnel protections
DumpTunnelProtections() (tpList []*ipsec.TunnelProtection, err error)
}
IPSecVPPRead provides read methods for IPSec
type IPSecVppAPI ¶
type IPSecVppAPI interface {
IPSecVPPRead
// AddSPD adds SPD to VPP via binary API
AddSPD(spdID uint32) error
// DeleteSPD deletes SPD from VPP via binary API
DeleteSPD(spdID uint32) error
// AddSPDInterface adds SPD interface assignment to VPP via binary API
AddSPDInterface(spdID uint32, iface *ipsec.SecurityPolicyDatabase_Interface) error
// DeleteSPDInterface deletes SPD interface assignment from VPP via binary API
DeleteSPDInterface(spdID uint32, iface *ipsec.SecurityPolicyDatabase_Interface) error
// AddSP adds security policy to VPP via binary API
AddSP(sp *ipsec.SecurityPolicy) error
// DeleteSP deletes security policy from VPP via binary API
DeleteSP(sp *ipsec.SecurityPolicy) error
// AddSA adds SA to VPP via binary API
AddSA(sa *ipsec.SecurityAssociation) error
// DeleteSA deletes SA from VPP via binary API
DeleteSA(sa *ipsec.SecurityAssociation) error
// AddTunnelProtection adds a tunnel protection to VPP via binary API
AddTunnelProtection(tp *ipsec.TunnelProtection) error
// UpdateTunnelProtection updates a tunnel protection on VPP via binary API
UpdateTunnelProtection(tp *ipsec.TunnelProtection) error
// DeleteTunnelProtection deletes a tunnel protection from VPP via binary API
DeleteTunnelProtection(tp *ipsec.TunnelProtection) error
}
IPSecVppAPI provides methods for creating and managing of a IPsec configuration
func CompatibleIPSecVppHandler ¶
func CompatibleIPSecVppHandler(c vpp.Client, ifIdx ifaceidx.IfaceMetadataIndex, log logging.Logger) IPSecVppAPI
type NewHandlerFunc ¶
type NewHandlerFunc func(ch govppapi.Channel, ifDdx ifaceidx.IfaceMetadataIndex, log logging.Logger) IPSecVppAPI
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.