tfUseIpsecLogging

Jump to: navigation, search

Table of Contents >> IPsec/IKE Programmer's Reference >> IPsec/IKE Function Reference


#include <trsocket.h>


int tfUseIpsecLogging (ttUser16Bit numLogMsgs);


Function Description

This function and tfIpsecLogWalk are two public API for packet logging using Ipsec, especially for packet filter/logging cases such as pass, pass-log, reject, reject-log, ipsec policy and ipsec policy-log. Pass and Reject constrains can be implemented by setting TM_PFLAG_BYPASS and TM_PFLAG_DISCARD policy flag, respectively. Packet Logging should be enabled by setting TM_PFLAG_LOG flag in the corresponding policy.

Each log packet will be stored in a circular buffer and includes its selector, policy flag and first 40 bytes starting from upper layer header (TCP, UDP, ICMP) as ASCII format (available output by printf). tfUseIpsecLogging is to allocate the log message buffer and must be called after tfUseIpsec function. tfIpsecLogWalk is for going through the log buffer and running a callback function for each message.


Parameters

  • numLogMsgs
    The maximum log message number in the circular buffer. The newest message will replace the oldest message if there is not empty space in the buffer.


Returns

  • TM_ENOERROR
    Successful
  • TM_EIPSECNOTINITIALIZED
    TM_USE_IPSEC is not defined, or tvIpsecPtr is not correctly allocated
  • TM_ENOBUFS
    No more buffers available


Table of Contents >> IPsec/IKE Programmer's Reference >> IPsec/IKE Function Reference