#include <netdb.h>
#include <linux/netlink.h>
#include <linux/rtnetlink.h>
+#include <linux/udp.h>
#include "utils.h"
#include "xfrm.h"
fprintf(fp, "type ");
switch (e->encap_type) {
- case 1:
+ case UDP_ENCAP_ESPINUDP_NON_IKE:
fprintf(fp, "espinudp-nonike ");
break;
- case 2:
+ case UDP_ENCAP_ESPINUDP:
fprintf(fp, "espinudp ");
break;
+ case TCP_ENCAP_ESPINTCP:
+ fprintf(fp, "espintcp ");
+ break;
default:
fprintf(fp, "%u ", e->encap_type);
break;
char **argv = *argvp;
if (strcmp(*argv, "espinudp-nonike") == 0)
- *type = 1;
+ *type = UDP_ENCAP_ESPINUDP_NON_IKE;
else if (strcmp(*argv, "espinudp") == 0)
- *type = 2;
+ *type = UDP_ENCAP_ESPINUDP;
+ else if (strcmp(*argv, "espintcp") == 0)
+ *type = TCP_ENCAP_ESPINTCP;
else
invarg("ENCAP-TYPE value is invalid", *argv);
"LIMIT-LIST := [ LIMIT-LIST ] limit LIMIT\n"
"LIMIT := { time-soft | time-hard | time-use-soft | time-use-hard } SECONDS |\n"
" { byte-soft | byte-hard } SIZE | { packet-soft | packet-hard } COUNT\n"
- "ENCAP := { espinudp | espinudp-nonike } SPORT DPORT OADDR\n"
+ "ENCAP := { espinudp | espinudp-nonike | espintcp } SPORT DPORT OADDR\n"
"DIR := in | out\n");
exit(-1);
.ti -8
.IR ENCAP " :="
-.RB "{ " espinudp " | " espinudp-nonike " }"
+.RB "{ " espinudp " | " espinudp-nonike " | " espintcp " }"
.IR SPORT " " DPORT " " OADDR
.ti -8
.TP
.I ENCAP
encapsulates packets with protocol
-.BR espinudp " or " espinudp-nonike ","
+.BR espinudp ", " espinudp-nonike ", or " espintcp ","
.RI "using source port " SPORT ", destination port " DPORT
.RI ", and original address " OADDR "."