networksecurity/ipsec/ipsecpol/src/ipsecpolmanutil.cpp
branchRCL_3
changeset 58 8d540f55e491
parent 57 abbed5a4b42a
child 75 c1029e558ef5
equal deleted inserted replaced
57:abbed5a4b42a 58:8d540f55e491
   263     stringBuf.Append(_L8(" outbound protocol 17 remote_port 67 = { }\n"));
   263     stringBuf.Append(_L8(" outbound protocol 17 remote_port 67 = { }\n"));
   264 
   264 
   265     // Inbound, protocol UDP, local_port 68
   265     // Inbound, protocol UDP, local_port 68
   266     stringBuf.Append(_L8(" inbound protocol 17 local_port 68 = { }\n"));
   266     stringBuf.Append(_L8(" inbound protocol 17 local_port 68 = { }\n"));
   267 
   267 
       
   268     if(iIPSecGANSupported)
       
   269         {
       
   270         // Outbound, protocol UDP, remote_port 67
       
   271         stringBuf.Append(_L8(" outbound protocol 17 remote_port 68 = { }\n"));
       
   272         // Inbound, protocol UDP, local_port 68
       
   273         stringBuf.Append(_L8(" inbound protocol 17 local_port 67 = { }\n"));
       
   274         }
       
   275 
       
   276 
   268     // Write the string to file
   277     // Write the string to file
   269     err = TPolicyParser::BufferAppend(aPolBfr, stringBuf);
   278     err = TPolicyParser::BufferAppend(aPolBfr, stringBuf);
   270     return err;
   279     return err;
   271     }
   280     }
   272 
   281 
   426                     || policySelector->iLocal.Port() == 434)))
   435                     || policySelector->iLocal.Port() == 434)))
   427             {
   436             {
   428             compWord |= 0x00400000;
   437             compWord |= 0x00400000;
   429             }
   438             }
   430 
   439 
   431         // Each selector has at least this bit set on
   440         //UMA support Req417-40027
   432         compWord |= 0x00000001;
   441         if(iIPSecGANSupported && policySelector->iSequenceNumber==0 && policySelector->iRemote.IsUnspecified() && policySelector->iRemoteMask.IsUnspecified())
       
   442             {
       
   443            LOG(Log::Printf(_L("::Buildcomparision, building comparison words for any to any selector\n")));
       
   444            
       
   445            //building lowest comparision word for any to any selector. Any to any selector should fall at the end of 
       
   446            //all selector list (except bypass selectors. If not then selector falling after this selector will have 
       
   447            //no significance.
       
   448             compWord = 0x000000001;
       
   449             policySelector->iCompWord = compWord;
       
   450             continue;
       
   451             }
       
   452 
       
   453         // Each selector has at least this bit set on.
       
   454         if(iIPSecGANSupported)
       
   455             {
       
   456             //Change to accomodate any to any selector.
       
   457             compWord |= 0x00000010;
       
   458             }
       
   459         else
       
   460             {
       
   461 		compWord |= 0x00000001;
       
   462             }
   433 
   463 
   434         // Store comparison word to the selector
   464         // Store comparison word to the selector
   435         policySelector->iCompWord = compWord;
   465         policySelector->iCompWord = compWord;
   436         }
   466         }
   437 
   467 
   588             ps->iSequenceNumber = 0xffffffff;
   618             ps->iSequenceNumber = 0xffffffff;
   589             }
   619             }
   590         }
   620         }
   591     }
   621     }
   592 
   622 
   593 //
   623 
       
   624 //  
       
   625 // UMAExceptionTrafficSelector = {UMAException %d }
       
   626 // This occurs only if the current policies are exception policy.
       
   627 // The network ID is supplied in braces any matching scope traffic will be honoured.
       
   628 ///////////////////////////////////////////////////////////////////
       
   629 //
       
   630 TInt 
       
   631 CIPSecPolicyManagerHandler::AddExceptionSelectors()
       
   632     {
       
   633     LOG(Log::Printf(_L("Add Exception selectors\n")));
       
   634     TInt err(KErrNone);
       
   635     if(iIPSecGANSupported)
       
   636         {
       
   637         TBuf8<128> stringBuf;
       
   638         stringBuf.Format(_L8(" UMAExceptionTrafficSelector = {UMAException %d }\n"),iVPNNetId);
       
   639         err = TPolicyParser::BufferAppend(iPolBfr, stringBuf);
       
   640         return err;
       
   641         }
       
   642     else
       
   643         {
       
   644         LOG(Log::Printf(_L("UMA/GAN support is not enabled and CIPSecPolicyManagerHandler::AddExceptionSelectors not supported")));
       
   645         return KErrNotSupported;
       
   646         }
       
   647     }
       
   648 
       
   649  
       
   650 
       
   651 ///////////////////////////////////////////////////////////////////
   594 // This function adds the following selectors to the end of the
   652 // This function adds the following selectors to the end of the
   595 // string format policy file:
   653 // string format policy file:
       
   654 //  inbound = { }%d
   596 //  inbound = { }
   655 //  inbound = { }
   597 //  outbound = { }
   656 //  outbound = { }
   598 //
   657 //
   599 // This occurs only if the current policies are in bypass mode.
   658 // This occurs only if the current policies are in bypass mode.
   600 // Bypass mode means that the packets that do not match with any other
   659 // Bypass mode means that the packets that do not match with any other
   604 TInt 
   663 TInt 
   605 CIPSecPolicyManagerHandler::AddInboundOutboundSelectorPair()
   664 CIPSecPolicyManagerHandler::AddInboundOutboundSelectorPair()
   606     {
   665     {
   607     TBuf8<128> stringBuf;
   666     TBuf8<128> stringBuf;
   608     TInt err(KErrNone);
   667     TInt err(KErrNone);
       
   668     LOG(Log::Printf(_L("CIPSecPolicyManagerHandler::AddInboundOutboundSelectorPair()\n")));	
   609 
   669 
   610     // If drop mode, return immediately
   670     // If drop mode, return immediately
   611     if (iBypassOrDropMode == KDropMode)
   671     if (iBypassOrDropMode == KDropMode)
   612         {
   672         {
       
   673         LOG(Log::Printf(_L("CIPSecPolicyManagerHandler::AddInboundOutboundSelectorPair(), not adding selectors combined mode is drop\n")));		
   613         return err;
   674         return err;
   614         }
   675         }
   615 
   676 
   616     // Add strings to work buffer
   677     // Add strings to work buffer
   617     if (iBypassOrDropMode & KInboundBypass)
   678     if (iBypassOrDropMode & KInboundBypass)