equal
deleted
inserted
replaced
263 stringBuf.Append(_L8(" outbound protocol 17 remote_port 67 = { }\n")); |
263 stringBuf.Append(_L8(" outbound protocol 17 remote_port 67 = { }\n")); |
264 |
264 |
265 // Inbound, protocol UDP, local_port 68 |
265 // Inbound, protocol UDP, local_port 68 |
266 stringBuf.Append(_L8(" inbound protocol 17 local_port 68 = { }\n")); |
266 stringBuf.Append(_L8(" inbound protocol 17 local_port 68 = { }\n")); |
267 |
267 |
268 if(iIPSecGANSupported) |
|
269 { |
|
270 // Outbound, protocol UDP, remote_port 67 |
|
271 stringBuf.Append(_L8(" outbound protocol 17 remote_port 68 = { }\n")); |
|
272 // Inbound, protocol UDP, local_port 68 |
|
273 stringBuf.Append(_L8(" inbound protocol 17 local_port 67 = { }\n")); |
|
274 } |
|
275 |
|
276 |
|
277 // Write the string to file |
268 // Write the string to file |
278 err = TPolicyParser::BufferAppend(aPolBfr, stringBuf); |
269 err = TPolicyParser::BufferAppend(aPolBfr, stringBuf); |
279 return err; |
270 return err; |
280 } |
271 } |
281 |
272 |
435 || policySelector->iLocal.Port() == 434))) |
426 || policySelector->iLocal.Port() == 434))) |
436 { |
427 { |
437 compWord |= 0x00400000; |
428 compWord |= 0x00400000; |
438 } |
429 } |
439 |
430 |
440 //UMA support Req417-40027 |
431 // Each selector has at least this bit set on |
441 if(iIPSecGANSupported && policySelector->iSequenceNumber==0 && policySelector->iRemote.IsUnspecified() && policySelector->iRemoteMask.IsUnspecified()) |
432 compWord |= 0x00000001; |
442 { |
|
443 LOG(Log::Printf(_L("::Buildcomparision, building comparison words for any to any selector\n"))); |
|
444 |
|
445 //building lowest comparision word for any to any selector. Any to any selector should fall at the end of |
|
446 //all selector list (except bypass selectors. If not then selector falling after this selector will have |
|
447 //no significance. |
|
448 compWord = 0x000000001; |
|
449 policySelector->iCompWord = compWord; |
|
450 continue; |
|
451 } |
|
452 |
|
453 // Each selector has at least this bit set on. |
|
454 if(iIPSecGANSupported) |
|
455 { |
|
456 //Change to accomodate any to any selector. |
|
457 compWord |= 0x00000010; |
|
458 } |
|
459 else |
|
460 { |
|
461 compWord |= 0x00000001; |
|
462 } |
|
463 |
433 |
464 // Store comparison word to the selector |
434 // Store comparison word to the selector |
465 policySelector->iCompWord = compWord; |
435 policySelector->iCompWord = compWord; |
466 } |
436 } |
467 |
437 |
618 ps->iSequenceNumber = 0xffffffff; |
588 ps->iSequenceNumber = 0xffffffff; |
619 } |
589 } |
620 } |
590 } |
621 } |
591 } |
622 |
592 |
623 |
593 // |
624 // |
|
625 // UMAExceptionTrafficSelector = {UMAException %d } |
|
626 // This occurs only if the current policies are exception policy. |
|
627 // The network ID is supplied in braces any matching scope traffic will be honoured. |
|
628 /////////////////////////////////////////////////////////////////// |
|
629 // |
|
630 TInt |
|
631 CIPSecPolicyManagerHandler::AddExceptionSelectors() |
|
632 { |
|
633 LOG(Log::Printf(_L("Add Exception selectors\n"))); |
|
634 TInt err(KErrNone); |
|
635 if(iIPSecGANSupported) |
|
636 { |
|
637 TBuf8<128> stringBuf; |
|
638 stringBuf.Format(_L8(" UMAExceptionTrafficSelector = {UMAException %d }\n"),iVPNNetId); |
|
639 err = TPolicyParser::BufferAppend(iPolBfr, stringBuf); |
|
640 return err; |
|
641 } |
|
642 else |
|
643 { |
|
644 LOG(Log::Printf(_L("UMA/GAN support is not enabled and CIPSecPolicyManagerHandler::AddExceptionSelectors not supported"))); |
|
645 return KErrNotSupported; |
|
646 } |
|
647 } |
|
648 |
|
649 |
|
650 |
|
651 /////////////////////////////////////////////////////////////////// |
|
652 // This function adds the following selectors to the end of the |
594 // This function adds the following selectors to the end of the |
653 // string format policy file: |
595 // string format policy file: |
654 // inbound = { }%d |
|
655 // inbound = { } |
596 // inbound = { } |
656 // outbound = { } |
597 // outbound = { } |
657 // |
598 // |
658 // This occurs only if the current policies are in bypass mode. |
599 // This occurs only if the current policies are in bypass mode. |
659 // Bypass mode means that the packets that do not match with any other |
600 // Bypass mode means that the packets that do not match with any other |
663 TInt |
604 TInt |
664 CIPSecPolicyManagerHandler::AddInboundOutboundSelectorPair() |
605 CIPSecPolicyManagerHandler::AddInboundOutboundSelectorPair() |
665 { |
606 { |
666 TBuf8<128> stringBuf; |
607 TBuf8<128> stringBuf; |
667 TInt err(KErrNone); |
608 TInt err(KErrNone); |
668 LOG(Log::Printf(_L("CIPSecPolicyManagerHandler::AddInboundOutboundSelectorPair()\n"))); |
|
669 |
609 |
670 // If drop mode, return immediately |
610 // If drop mode, return immediately |
671 if (iBypassOrDropMode == KDropMode) |
611 if (iBypassOrDropMode == KDropMode) |
672 { |
612 { |
673 LOG(Log::Printf(_L("CIPSecPolicyManagerHandler::AddInboundOutboundSelectorPair(), not adding selectors combined mode is drop\n"))); |
|
674 return err; |
613 return err; |
675 } |
614 } |
676 |
615 |
677 // Add strings to work buffer |
616 // Add strings to work buffer |
678 if (iBypassOrDropMode & KInboundBypass) |
617 if (iBypassOrDropMode & KInboundBypass) |