tfPolicyAdd



#include <trsocket.h>


ttPolicyEntryPtr tfPolicyAdd (
    ttIpsecSelectorPtr selectorPtr,
    ttPolicyContentPtr contentPtr,
    ttUser8Bit         direction,
    ttUser16Bit        ikePolicy,
    ttUser16Bit        priority,
    ttUser16Bit        manual,
    int *              errorPtr)
The ikePolicy, priority and manual parameters are conditional: each is present only when the corresponding compile-time option is defined.
See the Parameters section for more details.



Function Description

tfPolicyRestore() is the recommended way to initialize the Security Policy Database (SPD), but the user may call tfPolicyAdd() to add more policy entries to the SPD at runtime. Because tfPolicyAdd() is designed for internal use, its parameters do not take string-formatted IP addresses. Instead, every IP address in the structures is of type sockaddr_storage, which can hold either an IPv4 or an IPv6 address.



Parameters

  • selectorPtr
    A pointer to a ttIpsecSelector structure that specifies the selector to use for this policy. Notice that selectorPtr is of type ttIpsecSelectorPtr, not of type ttIpsecSelectorInString pointer.
  • contentPtr
    A pointer to a ttPolicyContent structure that specifies the content of this policy. Notice that contentPtr is of type ttPolicyContentPtr, not of type ttPolicyContentInString pointer.
  • direction
    Specifies which direction this policy applies to. Valid values are TM_IPSEC_INBOUND, TM_IPSEC_OUTBOUND, and TM_IPSEC_BOTH_DIRECTION.
  • ikePolicy
    The IKE policy specified by its unique priority. NOTE: This parameter is conditional and only present when TM_USE_IKE_POLICIES is defined at compile time.
  • priority
    IPsec policy priority. NOTE: This parameter is conditional and only present when TM_USE_PRIORITIES is defined at compile time.
  • manual
    Specifies whether the policy is a manual policy (TM_8BIT_YES) or an automatic policy (TM_8BIT_NO). Automatic policies use IKE. NOTE: This parameter is conditional and only present when TM_USE_MULTIPLE_PROPOSALS is defined at compile time.
  • errorPtr
    A pointer to an integer to store the error code in.


Returns

  • Valid ttPolicyEntryPtr
    Success.
  • NULL
    Error code is stored in *errorPtr.

