TCCIPsec_Functions

Purpose

This module provides access to the IPsec parameter databases: the Security Association Database (SADB) and the Security Policy Database (SPDB).

Module Parameters

-

Module depends on

-

Summary
TCCIPsec_Functions - This module provides access to the IPsec parameter databases: SADB and SPDB
Functions
f_IPsec_SADB_add - Adds a Security Association to the database (SADB)
f_IPsec_SADB_delete - Deletes a Security Association from the database (SADB)
f_IPsec_SADB_flush - Deletes all Security Associations from the database (SADB)
f_IPsec_SPDB_add - Adds a Security Policy to the database (SPDB)
f_IPsec_SPDB_delete - Deletes a Security Policy from the database (SPDB)
f_IPsec_SPDB_flush - Deletes all Security Policies from the database (SPDB)

Functions

f_IPsec_SADB_add

external function f_IPsec_SADB_add (
    in charstring srcAddress,
    in charstring dstAddress,
    in TCCIPsec_Protocol protocol,
    in integer spi,
    in TCCIPsec_ExtensionList extensionList := {},
    in TCCIPsec_Algorithm alg,
    in boolean setparitybit := false,
    in TCCIPsec_IPsecMode ipSecMode := anyMode
) return TCCIPsec_Result

Purpose

Adds a Security Association to the database (SADB)

Parameters

srcAddress in charstring - source IP address
dstAddress in charstring - destination IP address
protocol in TCCIPsec_Protocol - security protocol (esp or ah)
spi in integer - Security Parameter Index
extensionList in TCCIPsec_ExtensionList - list of extensions
alg in TCCIPsec_Algorithm - encryption and integrity algorithms and keys
setparitybit in boolean - parity bit
ipSecMode in TCCIPsec_IPsecMode - mode: transport, tunnel or anyMode

Return Value

TCCIPsec_Result indicates success (ok) or error

Errors

-

Detailed description

-

f_IPsec_SADB_delete

external function f_IPsec_SADB_delete (
    in charstring srcAddress,
    in charstring dstAddress,
    in TCCIPsec_Protocol protocol,
    in integer spi
) return TCCIPsec_Result

Purpose

Deletes a Security Association from the database (SADB)

Parameters

srcAddress in charstring - source IP address
dstAddress in charstring - destination IP address
protocol in TCCIPsec_Protocol - security protocol (esp or ah)
spi in integer - Security Parameter Index

Return Value

TCCIPsec_Result indicates success (ok) or error

Errors

-

Detailed description

-

f_IPsec_SADB_flush

external function f_IPsec_SADB_flush () return TCCIPsec_Result

Purpose

Deletes all Security Associations from the database (SADB)

Parameters

-

Return Value

TCCIPsec_Result indicates success (ok) or error

Errors

-

Detailed description

-

f_IPsec_SPDB_add

external function f_IPsec_SPDB_add (
    in charstring srcAddress,
    in integer srcPrefixLen := c_TCCIPsec_prefixAll,
    in integer srcPort := c_TCCIPsec_anyPort,
    in charstring dstAddress,
    in integer dstPrefixLen := c_TCCIPsec_prefixAll,
    in integer dstPort := c_TCCIPsec_anyPort,
    in TCCIPsec_TranspProto transpProto := anyTranspProto,
    in TCCIPsec_PolicyDirection dir,
    in TCCIPsec_PolicyRule rule
) return TCCIPsec_Result

Purpose

Adds a Security Policy to the database (SPDB)

Parameters

srcAddress in charstring - source IP address
srcPrefixLen in integer - indicates the source address range
srcPort in integer - source port
dstAddress in charstring - destination IP address
dstPrefixLen in integer - indicates the destination address range
dstPort in integer - destination port
transpProto in TCCIPsec_TranspProto - transport protocol (TCP or UDP)
dir in TCCIPsec_PolicyDirection - Direction of data traffic
rule in TCCIPsec_PolicyRule - Rule: how to handle the packet

Return Value

TCCIPsec_Result indicates success (ok) or error

Errors

-

Detailed description

-

f_IPsec_SPDB_delete

external function f_IPsec_SPDB_delete (
    in charstring srcAddress,
    in integer srcPrefixLen := c_TCCIPsec_prefixAll,
    in integer srcPort := c_TCCIPsec_anyPort,
    in charstring dstAddress,
    in integer dstPrefixLen := c_TCCIPsec_prefixAll,
    in integer dstPort := c_TCCIPsec_anyPort,
    in TCCIPsec_TranspProto transpProto := anyTranspProto,
    in TCCIPsec_PolicyDirection dir
) return TCCIPsec_Result

Purpose

Deletes a Security Policy from the database (SPDB)

Parameters

srcAddress in charstring - source IP address
srcPrefixLen in integer - indicates the source address range
srcPort in integer - source port
dstAddress in charstring - destination IP address
dstPrefixLen in integer - indicates the destination address range
dstPort in integer - destination port
transpProto in TCCIPsec_TranspProto - transport protocol (TCP or UDP)
dir in TCCIPsec_PolicyDirection - Direction of data traffic

Return Value

TCCIPsec_Result indicates success (ok) or error

Errors

-

Detailed description

-

f_IPsec_SPDB_flush

external function f_IPsec_SPDB_flush () return TCCIPsec_Result

Purpose

Deletes all Security Policies from the database (SPDB)

Parameters

-

Return Value

TCCIPsec_Result indicates success (ok) or error

Errors

-

Detailed description

-
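
Usage example (added here, not code from the module or its authors): a TTCN-3 helper that installs one ESP Security Association with a matching host-to-host policy, rolls the SA back if the policy cannot be added, and later removes both entries with targeted deletes. The module name, function names, addresses and SPI are constructed; the algorithm, direction and rule values are passed in as parameters because their type definitions are not shown on this page, and the import of TCCIPsec_Definitions as the module that declares the TCCIPsec_* types is an assumption.

```ttcn3
module IPsecSetupExample { // hypothetical module name

import from TCCIPsec_Functions all;
import from TCCIPsec_Definitions all; // assumption: declares the TCCIPsec_* types

// Constructed sample values: documentation address ranges and an arbitrary SPI.
const charstring c_local := "192.0.2.10";
const charstring c_peer := "198.51.100.20";
const integer c_spi := 4096;

// Installs the SA and the policy for c_local -> c_peer.
// Returns true only when both entries are in place.
function f_installSaAndPolicy(
    in TCCIPsec_Algorithm pl_alg,
    in TCCIPsec_PolicyDirection pl_dir,
    in TCCIPsec_PolicyRule pl_rule
) return boolean {
    if (f_IPsec_SADB_add(srcAddress := c_local, dstAddress := c_peer,
                         protocol := esp, spi := c_spi, alg := pl_alg,
                         ipSecMode := transport) != ok) {
        return false;
    }
    if (f_IPsec_SPDB_add(srcAddress := c_local, srcPrefixLen := 32,
                         dstAddress := c_peer, dstPrefixLen := 32,
                         dir := pl_dir, rule := pl_rule) != ok) {
        // Roll back the SA so a failed setup leaves no key material behind.
        var TCCIPsec_Result vl_undo :=
            f_IPsec_SADB_delete(c_local, c_peer, esp, c_spi);
        return false;
    }
    return true;
}

// Removes exactly the two entries installed above. The policy delete repeats
// the selector given to f_IPsec_SPDB_add. Both deletes are always attempted.
function f_removeSaAndPolicy(in TCCIPsec_PolicyDirection pl_dir) return boolean {
    var TCCIPsec_Result vl_pol :=
        f_IPsec_SPDB_delete(srcAddress := c_local, srcPrefixLen := 32,
                            dstAddress := c_peer, dstPrefixLen := 32,
                            dir := pl_dir);
    var TCCIPsec_Result vl_sa :=
        f_IPsec_SADB_delete(c_local, c_peer, esp, c_spi);
    return vl_pol == ok and vl_sa == ok;
}

}
```

The helper uses targeted deletes rather than f_IPsec_SADB_flush and f_IPsec_SPDB_flush because the flush functions delete all entries from their database, not only the ones a test added.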

Declares identifiers for the possible security protocols
type record of TCCIPsec_Extension TCCIPsec_ExtensionList
Defines a list of extensions for the SA adding function
Defines a union for storing the possible combination of algorithms with its keys.
type enumerated TCCIPsec_IPsecMode { anyMode (0), transport (1), tunnel (2) }
Declares identifiers for the possible security association