summaryrefslogtreecommitdiffstats
path: root/src/vnet/ipsec/ipsec_cli.c
diff options
context:
space:
mode:
authorRadu Nicolau <radu.nicolau@intel.com>2018-08-03 10:37:24 +0100
committerNeale Ranns <nranns@cisco.com>2018-08-03 14:36:08 +0000
commit717de096c4d715eab6b783aaa28f26a9114925da (patch)
tree505c966304a20ab3d4095e17b4e3b069fd9f8261 /src/vnet/ipsec/ipsec_cli.c
parentce9e0b4d48705d693f4e03093e3f506bdecaf141 (diff)
ipsec: add udp-encap option to debug cli commands
Change-Id: I3195afd952f6783da87224d7ceb9df13ddd39459 Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
Diffstat (limited to 'src/vnet/ipsec/ipsec_cli.c')
-rw-r--r--src/vnet/ipsec/ipsec_cli.c14
1 files changed, 10 insertions, 4 deletions
diff --git a/src/vnet/ipsec/ipsec_cli.c b/src/vnet/ipsec/ipsec_cli.c
index 6a97b7bc8d9..5603fae368a 100644
--- a/src/vnet/ipsec/ipsec_cli.c
+++ b/src/vnet/ipsec/ipsec_cli.c
@@ -148,6 +148,10 @@ ipsec_sa_add_del_command_fn (vlib_main_t * vm,
sa.is_tunnel = 1;
sa.is_tunnel_ip6 = 1;
}
+ else if (unformat (line_input, "udp-encap"))
+ {
+ sa.udp_encap = 1;
+ }
else
{
error = clib_error_return (0, "parse error: '%U'",
@@ -176,7 +180,7 @@ ipsec_sa_add_del_command_fn (vlib_main_t * vm,
goto done;
}
- ipsec_add_del_sa (vm, &sa, is_add, 0 /* enable nat traversal */ );
+ ipsec_add_del_sa (vm, &sa, is_add);
done:
unformat_free (line_input);
@@ -665,8 +669,8 @@ show_ipsec_command_fn (vlib_main_t * vm,
hi = vnet_get_hw_interface (im->vnet_main, t->hw_if_index);
vlib_cli_output(vm, " %s seq", hi->name);
sa = pool_elt_at_index(im->sad, t->output_sa_index);
- vlib_cli_output(vm, " seq %u seq-hi %u esn %u anti-replay %u",
- sa->seq, sa->seq_hi, sa->use_esn, sa->use_anti_replay);
+ vlib_cli_output(vm, " seq %u seq-hi %u esn %u anti-replay %u udp-encap %u",
+ sa->seq, sa->seq_hi, sa->use_esn, sa->use_anti_replay, sa->udp_encap);
vlib_cli_output(vm, " local-spi %u local-ip %U", sa->spi,
format_ip4_address, &sa->tunnel_src_addr.ip4);
vlib_cli_output(vm, " local-crypto %U %U",
@@ -766,6 +770,8 @@ create_ipsec_tunnel_command_fn (vlib_main_t * vm,
a.renumber = 1;
else if (unformat (line_input, "del"))
a.is_add = 0;
+ else if (unformat (line_input, "udp-encap"))
+ a.udp_encap = 1;
else
{
error = clib_error_return (0, "unknown input `%U'",
@@ -808,7 +814,7 @@ done:
/* *INDENT-OFF* */
VLIB_CLI_COMMAND (create_ipsec_tunnel_command, static) = {
.path = "create ipsec tunnel",
- .short_help = "create ipsec tunnel local-ip <addr> local-spi <spi> remote-ip <addr> remote-spi <spi> [instance <inst_num>]",
+ .short_help = "create ipsec tunnel local-ip <addr> local-spi <spi> remote-ip <addr> remote-spi <spi> [instance <inst_num>] [udp-encap]",
.function = create_ipsec_tunnel_command_fn,
};
/* *INDENT-ON* */