summaryrefslogtreecommitdiffstats
path: root/src/vnet/ipsec/ipsec_sa.c
diff options
context:
space:
mode:
authorNeale Ranns <nranns@cisco.com>2019-02-04 01:10:30 -0800
committerDave Barach <openvpp@barachs.net>2019-02-05 14:59:44 +0000
commita09c1ff5b6ae535932b4fc9477ffc4e39748ca62 (patch)
treee7162669c6224358f28e5614c782e2ba73a08e6c /src/vnet/ipsec/ipsec_sa.c
parent3117ad8aa50afba68b2fa2c7f2b6f91eeb5a555e (diff)
IPSEC: SPD counters in the stats sgement
- return the stats_index of each SPD in the create API call - no ip_any in the API as this creates 2 SPD entries. client must add both v4 and v6 explicitly - only one pool of SPD entries (rhter than one per-SPD) to support this - no packets/bytes in the dump API. Polling the stats segment is much more efficient (if the SA lifetime is based on packet/bytes) - emit the policy index in the packet trace and CLI commands. Change-Id: I7eaf52c9d0495fa24450facf55229941279b8569 Signed-off-by: Neale Ranns <nranns@cisco.com>
Diffstat (limited to 'src/vnet/ipsec/ipsec_sa.c')
-rw-r--r--src/vnet/ipsec/ipsec_sa.c17
1 files changed, 7 insertions, 10 deletions
diff --git a/src/vnet/ipsec/ipsec_sa.c b/src/vnet/ipsec/ipsec_sa.c
index a76197b9f50..d439b4d46d3 100644
--- a/src/vnet/ipsec/ipsec_sa.c
+++ b/src/vnet/ipsec/ipsec_sa.c
@@ -86,19 +86,16 @@ u8
ipsec_is_sa_used (u32 sa_index)
{
ipsec_main_t *im = &ipsec_main;
- ipsec_spd_t *spd;
- ipsec_policy_t *p;
ipsec_tunnel_if_t *t;
+ ipsec_policy_t *p;
/* *INDENT-OFF* */
- pool_foreach(spd, im->spds, ({
- pool_foreach(p, spd->policies, ({
- if (p->policy == IPSEC_POLICY_ACTION_PROTECT)
- {
- if (p->sa_index == sa_index)
- return 1;
- }
- }));
+ pool_foreach(p, im->policies, ({
+ if (p->policy == IPSEC_POLICY_ACTION_PROTECT)
+ {
+ if (p->sa_index == sa_index)
+ return 1;
+ }
}));
pool_foreach(t, im->tunnel_interfaces, ({