ipsec: add input node bypass/discard functionality add bypass/discard functionality to ipsec4-input-feature node Type: feature Signed-off-by: ShivaShankarK <shivaashankar1204@gmail.com> Change-Id: I152a5dfee0296109cccabe349a330dbbe395cc6c

commit: 0546483ce0b16acb82807aab290ff203e961b23a [log] [tgz]
author: ShivaShankarK <shivaashankar1204@gmail.com> Tue Apr 14 14:01:03 2020 +0530
committer: Neale Ranns <nranns@cisco.com> Fri Apr 24 07:37:20 2020 +0000
tree: 6895dee993862e91da0ef0e7ee550b053756bf79
parent: b5c0d35f9445d4d99f2c5c7bd3175e68721a8ee5 [diff] [blame]
diff --git a/src/vnet/ipsec/ipsec_spd_policy.c b/src/vnet/ipsec/ipsec_spd_policy.c
index 6424210..05cfdf0 100644
--- a/src/vnet/ipsec/ipsec_spd_policy.c
+++ b/src/vnet/ipsec/ipsec_spd_policy.c

@@ -123,6 +123,10 @@
 		   IPSEC_SPD_POLICY_IP4_INBOUND_BYPASS);
 	  return (0);
 	case IPSEC_POLICY_ACTION_DISCARD:
+	  *type = (is_ipv6 ?
+		   IPSEC_SPD_POLICY_IP6_INBOUND_DISCARD :
+		   IPSEC_SPD_POLICY_IP4_INBOUND_DISCARD);
+	  return (0);
 	case IPSEC_POLICY_ACTION_RESOLVE:
 	  break;
 	}
commit	0546483ce0b16acb82807aab290ff203e961b23a	[log] [tgz]
author	ShivaShankarK <shivaashankar1204@gmail.com>	Tue Apr 14 14:01:03 2020 +0530
committer	Neale Ranns <nranns@cisco.com>	Fri Apr 24 07:37:20 2020 +0000
tree	6895dee993862e91da0ef0e7ee550b053756bf79
parent	b5c0d35f9445d4d99f2c5c7bd3175e68721a8ee5 [diff] [blame]