1package netlink 2 3import ( 4 "net" 5) 6 7// XfrmStateAlgo represents the algorithm to use for the ipsec encryption. 8type XfrmStateAlgo struct { 9 Name string 10 Key []byte 11 TruncateLen int // Auth only 12} 13 14// EncapType is an enum representing an ipsec template direction. 15type EncapType uint8 16 17const ( 18 XFRM_ENCAP_ESPINUDP_NONIKE EncapType = iota + 1 19 XFRM_ENCAP_ESPINUDP 20) 21 22func (e EncapType) String() string { 23 switch e { 24 case XFRM_ENCAP_ESPINUDP_NONIKE: 25 return "espinudp-nonike" 26 case XFRM_ENCAP_ESPINUDP: 27 return "espinudp" 28 } 29 return "unknown" 30} 31 32// XfrmEncap represents the encapsulation to use for the ipsec encryption. 33type XfrmStateEncap struct { 34 Type EncapType 35 SrcPort int 36 DstPort int 37 OriginalAddress net.IP 38} 39 40// XfrmState represents the state of an ipsec policy. It optionally 41// contains an XfrmStateAlgo for encryption and one for authentication. 42type XfrmState struct { 43 Dst net.IP 44 Src net.IP 45 Proto Proto 46 Mode Mode 47 Spi int 48 Reqid int 49 ReplayWindow int 50 Auth *XfrmStateAlgo 51 Crypt *XfrmStateAlgo 52 Encap *XfrmStateEncap 53} 54