libipsec: Pass the same data to del_policy() as to add_policy()
[strongswan.git] / src / libipsec / ipsec_policy_mgr.h
index dfa4b12..0ea797e 100644 (file)
@@ -71,18 +71,21 @@ struct ipsec_policy_mgr_t {
        /**
         * Remove a policy
         *
+        * @param src                   source address of SA
+        * @param dst                   dest address of SA
         * @param src_ts                traffic selector to match traffic source
         * @param dst_ts                traffic selector to match traffic dest
         * @param direction             direction of traffic, POLICY_(IN|OUT|FWD)
-        * @param reqid                 unique ID of the associated SA
+        * @param type                  type of policy, POLICY_(IPSEC|PASS|DROP)
+        * @param sa                    details about the SA(s) tied to this policy
         * @param mark                  optional mark
         * @param priority              priority of the policy
         * @return                              SUCCESS if operation completed
         */
        status_t (*del_policy)(ipsec_policy_mgr_t *this,
-                                                  traffic_selector_t *src_ts,
-                                                  traffic_selector_t *dst_ts,
-                                                  policy_dir_t direction, u_int32_t reqid, mark_t mark,
+                                                  host_t *src, host_t *dst, traffic_selector_t *src_ts,
+                                                  traffic_selector_t *dst_ts, policy_dir_t direction,
+                                                  policy_type_t type, ipsec_sa_cfg_t *sa, mark_t mark,
                                                   policy_priority_t priority);
 
        /**
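Review bot: The new `@param sa` line on del_policy does not say whether the pointer may be NULL (for example with a POLICY_PASS or POLICY_DROP type, which presumably has no SA) or which of its fields are used to pick the entry to remove. Since the explicit `reqid` argument is gone, a reader cannot tell from the header whether two policies with the same selectors but different SAs are still told apart on removal. I would extend the line to something like `@param sa  details about the SA(s) tied to this policy, same values as passed to add_policy()` and state whether `src`/`dst` take part in the match. The `@return` line also only lists SUCCESS, so it should say what is returned when no matching policy exists. The enclosing struct ipsec_policy_mgr_t starts and ends outside this hunk.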
@@ -97,10 +100,12 @@ struct ipsec_policy_mgr_t {
         *
         * @param packet                IP packet to match
         * @param inbound               TRUE for an inbound packet
+        * @param reqid                 require a policy with a specific reqid, 0 for any
         * @return                              reference to the policy, or NULL if none found
         */
        ipsec_policy_t *(*find_by_packet)(ipsec_policy_mgr_t *this,
-                                                                         ip_packet_t *packet, bool inbound);
+                                                                         ip_packet_t *packet, bool inbound,
+                                                                         u_int32_t reqid);
 
        /**
         * Destroy an ipsec_policy_mgr_t
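Review bot: The added `@param reqid` line on find_by_packet documents 0 as a wildcard but does not say when a caller may use it. With 0, an inbound packet is matched against any policy whose selectors fit, independent of the SA that delivered it. If the parameter is meant to tie inbound traffic to the SA it was decapsulated from (inferred, the callers are not visible here), the comment should say so, e.g. `@param reqid  reqid of the SA the packet was received on; 0 matches any policy and skips the SA binding check`. It would also help to state whether `reqid` is honoured for outbound lookups or ignored when `inbound` is FALSE.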