Scroll to navigation

rte_flow_action_security(3) DPDK rte_flow_action_security(3)

NAME

rte_flow_action_security

SYNOPSIS

#include <rte_flow.h>

Data Fields


void * security_session

Detailed Description

RTE_FLOW_ACTION_TYPE_SECURITY

Perform the security action on flows matched by the pattern items according to the configuration of the security session.

This action modifies the payload of matched flows. For INLINE_CRYPTO, the security protocol headers and IV are fully provided by the application as specified in the flow pattern. The payload of matching packets is encrypted on egress, and decrypted and authenticated on ingress. For INLINE_PROTOCOL, the security protocol is fully offloaded to HW, providing full encapsulation and decapsulation of packets in security protocols. The flow pattern specifies both the outer security header fields and the inner packet fields. The security session specified in the action must match the pattern parameters.

The security session specified in the action must be created on the same port as the flow action that is being specified.

The ingress/egress flow attribute should match that specified in the security session if the security session supports the definition of the direction.

Multiple flows can be configured to use the same security session.

The NULL value is allowed for security session. If security session is NULL, then SPI field in ESP flow item and IP addresses in flow items 'IPv4' and 'IPv6' will be allowed to be a range. The rule thus created can enable security processing on multiple flows.

Definition at line 3359 of file rte_flow.h.

Field Documentation

void* security_session

Pointer to security session structure.

Definition at line 3360 of file rte_flow.h.

Author

Generated automatically by Doxygen for DPDK from the source code.

Thu May 23 2024 Version 23.11.0