www.beck-ipc.com

@CHIP-RTOS C Library - TCP/IP API

IPsec_Add_Policy

This function appends the list of policies in affect for the IP Security.

int IPsec_Add_Policy(const tIPSEC_POLICY_PAIR *pairs,
                     const tIPSEC_POLICY_SELECTOR *selectors,
                     const tIPSEC_POLICY_CONTENT *content,
                     int pair_cnt) ;

Parameters

pairs

An array of tIPSEC_POLICY_PAIR data structures which map tIPSEC_POLICY_SELECTOR structures to their corresponding tIPSEC_POLICY_CONTENT structure.

selectors

An array of tIPSEC_POLICY_SELECTOR that will be used to select IP Security policies to be applied to IP traffic.

content

An array of tIPSEC_POLICY_CONTENT that specify IP Security policies to be applied to IP traffic.

pair_cnt

The number of data structures listed in the array at pairs.

Return Value

Error code, zero on success

Comments

The IP security must be started prior to using this API.

The tIPSEC_POLICY_PAIR structures at pairs are used to connect the members of the other two structure arrays, mapping policy selectors to policy content.   Care must be taken to assure that these indexes map to existing structures within these two arrays.

Following return from this API, the user data referenced is no longer required and need not be static.   The system has copied this information into its IPsec policy database.

Policies are selected with a search through the database which stops at the first entry whose selector matches some specified conditions.   This search is performed in the reverse order in which policies are added.   Newest policies are checked first.   Policies are added starting at the top of the list of pairs.   Consequently, the policy pairs listed last are selected ahead of the policy pairs listed first.   So catch all policies for bypass or discard should therefore be listed first.

When this API is called more than once without an intervening IPsec_Clear_Policy() call, the policies from the most recent call take precedence over any earlier call's policies.   Again, newest policies are checked first.

See Also

RTOS API

This library function invokes a RTOS software interrupt.

Supported since or modified in @CHIP-RTOS version

    SC12SC13SC11SC1x3SC2x
    n/an/an/aV1.07V1.00

Supported by @CHIP-RTOS C Library since version

    CLIB
    V2.06

This API List
List of C Libraries
@CHIP-RTOS Main Index

End of document