1package netlink
2
3import (
4	"fmt"
5	"net"
6)
7
// Dir is an enum representing an ipsec template direction.
//
// The zero value is XFRM_DIR_IN, so a policy whose direction is never set
// explicitly carries the "dir in" value.
type Dir uint8

// Direction values, numbered consecutively from zero through iota. The
// declaration order is therefore significant: reordering or inserting a
// constant changes every value after it.
const (
	// XFRM_DIR_IN is 0 and is rendered as "dir in".
	XFRM_DIR_IN Dir = iota
	// XFRM_DIR_OUT is 1 and is rendered as "dir out".
	XFRM_DIR_OUT
	// XFRM_DIR_FWD is 2 and is rendered as "dir fwd".
	XFRM_DIR_FWD
	// XFRM_SOCKET_IN is 3 and is rendered as "socket in".
	XFRM_SOCKET_IN
	// XFRM_SOCKET_OUT is 4 and is rendered as "socket out".
	XFRM_SOCKET_OUT
	// XFRM_SOCKET_FWD is 5 and is rendered as "socket fwd".
	XFRM_SOCKET_FWD
)

// String returns the human-readable label of the direction.
//
// A value beyond XFRM_SOCKET_FWD has no label of its own; it is printed as
// "socket N", where N is the offset from XFRM_SOCKET_IN. An out-of-range
// direction therefore still reads like a socket direction in log output
// (Dir(6) prints "socket 3"), which is worth keeping in mind when reading
// policy dumps.
func (d Dir) String() string {
	labels := [...]string{
		XFRM_DIR_IN:     "dir in",
		XFRM_DIR_OUT:    "dir out",
		XFRM_DIR_FWD:    "dir fwd",
		XFRM_SOCKET_IN:  "socket in",
		XFRM_SOCKET_OUT: "socket out",
		XFRM_SOCKET_FWD: "socket fwd",
	}
	if int(d) < len(labels) {
		return labels[d]
	}
	// %d prints the numeric offset; the Stringer is not consulted for %d.
	return fmt.Sprintf("socket %d", d-XFRM_SOCKET_IN)
}
37
// PolicyAction is an enum representing an ipsec policy action.
//
// The zero value is XFRM_POLICY_ALLOW: a PolicyAction that is declared but
// never assigned means "allow", not "block".
type PolicyAction uint8

// Policy actions. The values are fixed explicitly rather than through iota.
const (
	// XFRM_POLICY_ALLOW is rendered as "allow".
	XFRM_POLICY_ALLOW PolicyAction = 0
	// XFRM_POLICY_BLOCK is rendered as "block".
	XFRM_POLICY_BLOCK PolicyAction = 1
)

// String returns "allow" or "block" for the two defined actions and
// "action N" (N being the numeric value) for anything else.
func (a PolicyAction) String() string {
	if a == XFRM_POLICY_ALLOW {
		return "allow"
	}
	if a == XFRM_POLICY_BLOCK {
		return "block"
	}
	// Unknown values are shown numerically rather than mapped to a name.
	return fmt.Sprintf("action %d", a)
}
56
// XfrmPolicyTmpl encapsulates a rule for the base addresses of an ipsec
// policy. These rules are matched with XfrmState to determine encryption
// and authentication algorithms.
//
// The struct declares no key or algorithm fields, only addresses and
// identifiers.
type XfrmPolicyTmpl struct {
	// Dst and Src are the template's base addresses.
	Dst net.IP
	Src net.IP
	// Proto and Mode use types declared elsewhere in the package; both are
	// formatted with %s by String.
	Proto Proto
	Mode  Mode
	// Spi and Reqid are plain ints here and are printed in hexadecimal by
	// String. NOTE(review): presumably the ipsec SPI and request id used to
	// pair the template with a state; confirm against the code that
	// serialises them.
	Spi   int
	Reqid int
}

// String renders the template as a single brace-delimited line, with Spi and
// Reqid in 0x-prefixed hexadecimal.
func (t XfrmPolicyTmpl) String() string {
	const layout = "{Dst: %v, Src: %v, Proto: %s, Mode: %s, Spi: 0x%x, Reqid: 0x%x}"
	return fmt.Sprintf(layout, t.Dst, t.Src, t.Proto, t.Mode, t.Spi, t.Reqid)
}
73
// XfrmPolicy represents an ipsec policy. It represents the overlay network
// and has a list of XfrmPolicyTmpls representing the base addresses of
// the policy.
//
// Zero values matter when a policy is built field by field: an unset Action
// is XFRM_POLICY_ALLOW (0) and an unset Dir is XFRM_DIR_IN (0). Set both
// explicitly when the intent is to block traffic or to target another
// direction.
type XfrmPolicy struct {
	// Dst and Src are the destination and source networks of the policy.
	Dst *net.IPNet
	Src *net.IPNet
	// Proto uses a type declared elsewhere in the package.
	Proto Proto
	// DstPort and SrcPort are printed as decimal integers by String.
	DstPort int
	SrcPort int
	// Dir is the policy direction; its zero value is XFRM_DIR_IN.
	Dir      Dir
	Priority int
	Index    int
	// Action is the policy verdict; its zero value is XFRM_POLICY_ALLOW.
	Action  PolicyAction
	Ifindex int
	Ifid    int
	// Mark is a pointer and may be nil. How a nil Mark is rendered depends
	// on XfrmMark's own String method, which is declared elsewhere.
	Mark *XfrmMark
	// Tmpls lists the templates attached to the policy.
	Tmpls []XfrmPolicyTmpl
}

// String renders the policy, including every attached template, as a single
// brace-delimited line. Only the fields declared on XfrmPolicy are printed.
func (p XfrmPolicy) String() string {
	const layout = "{Dst: %v, Src: %v, Proto: %s, DstPort: %d, SrcPort: %d, Dir: %s, Priority: %d, Index: %d, Action: %s, Ifindex: %d, Ifid: %d, Mark: %s, Tmpls: %s}"
	return fmt.Sprintf(
		layout,
		p.Dst, p.Src, p.Proto,
		p.DstPort, p.SrcPort,
		p.Dir, p.Priority, p.Index, p.Action,
		p.Ifindex, p.Ifid,
		p.Mark, p.Tmpls,
	)
}
97