Home | History | Annotate | Download | only in extensions

Lines Matching refs:match

29 "  --dir in|out			match policy applied during decapsulation/\n"
31 "  --pol none|ipsec		match policy\n"
32 "  --strict 			match entire policy instead of single element\n"
34 "[!] --reqid reqid		match reqid\n"
35 "[!] --spi spi			match SPI\n"
36 "[!] --proto proto		match protocol (ah/esp/ipcomp)\n"
37 "[!] --mode mode 		match mode (transport/tunnel)\n"
38 "[!] --tunnel-src addr/masklen	match tunnel source\n"
39 "[!] --tunnel-dst addr/masklen	match tunnel destination\n"
156 	exit_error(PARAMETER_PROBLEM, "policy match: invalid policy `%s'", s);
165 	exit_error(PARAMETER_PROBLEM, "policy match: invalid mode `%s'", s);
171                  struct ip6t_entry_match **match)
173 	struct ip6t_policy_info *info = (void *)(*match)->data;
185 			           "policy match: double --dir option");
188 			           "policy match: can't invert --dir option");
195 			           "policy match: can't invert --policy option");
202 			           "policy match: double --strict option");
206 			           "policy match: can't invert --strict option");
211 		if (e->match.reqid)
213 			           "policy match: double --reqid option");
215 		e->match.reqid = 1;
220 		if (e->match.spi)
222 			           "policy match: double --spi option");
224 		e->match.spi = 1;
229 		if (e->match.saddr)
231 			           "policy match: double --tunnel-src option");
236 			           "policy match: name resolves to multiple IPs");
238 		e->match.saddr = 1;
244 		if (e->match.daddr)
246 			           "policy match: double --tunnel-dst option");
251 			           "policy match: name resolves to multiple IPs");
253 		e->match.daddr = 1;
259 		if (e->match.proto)
261 			           "policy match: double --proto option");
267 			           "policy match: protocol must ah/esp/ipcomp");
268 		e->match.proto = 1;
272 		if (e->match.mode)
274 			           "policy match: double --mode option");
277 		e->match.mode = 1;
284 			           "policy match: can't invert --next option");
288 			           "policy match: maximum policy depth reached");
306 		           "policy match: no parameters given");
310 		           "policy match: neither --in nor --out specified");
315 			           "policy match: policy none but --strict given");
319 			           "policy match: policy none but policy given");
325 		           "policy match: multiple elements but no --strict");
331 		    !(e->match.reqid || e->match.spi || e->match.saddr ||
332                       e->match.daddr || e->match.proto || e->match.mode))
334                                    "policy match: empty policy element");
336 		if ((e->match.saddr || e->match.daddr)
340 			           "policy match: --tunnel-src/--tunnel-dst "
384 	if (e->match.reqid) {
388 	if (e->match.spi) {
392 	if (e->match.proto) {
396 	if (e->match.mode) {
400 	if (e->match.daddr) {
406 	if (e->match.saddr) {
431                   const struct ip6t_entry_match *match,
434 	const struct ip6t_policy_info *info = (void *)match->data;
437 	printf("policy match ");
448 static void save(const struct ip6t_ip6 *ip, const struct ip6t_entry_match *match)
450 	const struct ip6t_policy_info *info = (void *)match->data;