package netlink

import (
	"fmt"
	"net"
)

// Dir is an enum representing an ipsec template direction.
//
// XFRM_DIR_IN is the zero value, so a Dir that is never assigned reads as
// "dir in".
type Dir uint8

const (
	XFRM_DIR_IN Dir = iota
	XFRM_DIR_OUT
	XFRM_DIR_FWD
	XFRM_SOCKET_IN
	XFRM_SOCKET_OUT
	XFRM_SOCKET_FWD
)

// String returns the human-readable name of the direction. Values beyond
// XFRM_SOCKET_FWD have no name of their own and are rendered as "socket N",
// where N is the offset from XFRM_SOCKET_IN.
func (d Dir) String() string {
	names := [...]string{
		XFRM_DIR_IN:     "dir in",
		XFRM_DIR_OUT:    "dir out",
		XFRM_DIR_FWD:    "dir fwd",
		XFRM_SOCKET_IN:  "socket in",
		XFRM_SOCKET_OUT: "socket out",
		XFRM_SOCKET_FWD: "socket fwd",
	}
	if int(d) < len(names) {
		return names[d]
	}
	return fmt.Sprintf("socket %d", d-XFRM_SOCKET_IN)
}

// PolicyAction is an enum representing an ipsec policy action.
//
// XFRM_POLICY_ALLOW is 0 and therefore the zero value: an XfrmPolicy whose
// Action field is left unset is an allow policy. Set Action explicitly when
// a policy is meant to block.
type PolicyAction uint8

const (
	XFRM_POLICY_ALLOW PolicyAction = 0
	XFRM_POLICY_BLOCK PolicyAction = 1
)

// String returns "allow" or "block" for the two defined actions and
// "action N" for any other value, so an unexpected action stays visible in
// logs instead of being mistaken for a known one.
func (a PolicyAction) String() string {
	if a == XFRM_POLICY_ALLOW {
		return "allow"
	}
	if a == XFRM_POLICY_BLOCK {
		return "block"
	}
	return fmt.Sprintf("action %d", a)
}

// XfrmPolicyTmpl encapsulates a rule for the base addresses of an ipsec
// policy. These rules are matched with XfrmState to determine encryption
// and authentication algorithms.
//
// The template carries only addressing and identifiers (no key material),
// so its String output is limited to those fields.
type XfrmPolicyTmpl struct {
	Dst   net.IP
	Src   net.IP
	Proto Proto
	Mode  Mode
	Spi   int // printed in hex by String
	Reqid int // printed in hex by String
}

// String formats every field of the template; Spi and Reqid are shown in
// hexadecimal.
func (t XfrmPolicyTmpl) String() string {
	const layout = "{Dst: %v, Src: %v, Proto: %s, Mode: %s, Spi: 0x%x, Reqid: 0x%x}"
	return fmt.Sprintf(layout, t.Dst, t.Src, t.Proto, t.Mode, t.Spi, t.Reqid)
}

// XfrmPolicy represents an ipsec policy. It represents the overlay network
// and has a list of XfrmPolicyTmpls representing the base addresses of
// the policy.
type XfrmPolicy struct {
	Dst      *net.IPNet // destination selector network
	Src      *net.IPNet // source selector network
	Proto    Proto
	DstPort  int
	SrcPort  int
	Dir      Dir // zero value is XFRM_DIR_IN
	Priority int
	Index    int
	Action   PolicyAction // zero value is XFRM_POLICY_ALLOW; set explicitly to block
	Ifindex  int
	Ifid     int
	Mark     *XfrmMark
	Tmpls    []XfrmPolicyTmpl
}

// String formats every field of the policy on a single line, which makes it
// suitable for logging and for reviewing which selectors a policy allows or
// blocks.
//
// NOTE(review): Mark is a pointer formatted with %s; what is printed for a
// nil Mark depends on XfrmMark, which is not visible in this file.
func (p XfrmPolicy) String() string {
	const layout = "{Dst: %v, Src: %v, Proto: %s, DstPort: %d, SrcPort: %d, Dir: %s, Priority: %d, Index: %d, Action: %s, Ifindex: %d, Ifid: %d, Mark: %s, Tmpls: %s}"
	return fmt.Sprintf(
		layout,
		p.Dst, p.Src, p.Proto,
		p.DstPort, p.SrcPort,
		p.Dir, p.Priority, p.Index, p.Action,
		p.Ifindex, p.Ifid, p.Mark, p.Tmpls,
	)
}