_EFI_IPSEC_PROCESS_POLICY Struct Reference


Data Fields

BOOLEAN ExtSeqNum
BOOLEAN SeqOverflow
BOOLEAN FragCheck
EFI_IPSEC_SA_LIFETIME SaLifetime
EFI_IPSEC_MODE Mode
EFI_IPSEC_TUNNEL_OPTIONTunnelOption
EFI_IPSEC_PROTOCOL_TYPE Proto
UINT8 AuthAlgoId
UINT8 EncAlgoId

Detailed Description

EFI_IPSEC_PROCESS_POLICY describes a policy list for traffic processing.

Field Documentation

Cryptographic algorithm type used for authentication.

Cryptographic algorithm type used for encryption. EncAlgo is NULL when IPsec protocol is AH. For ESP protocol, EncAlgo can also be used to describe the algorithm if a combined mode algorithm is used.

Extended Sequence Number. Is this SA using extended sequence numbers. 64 bit counter is used if TRUE.

Is this SA using stateful fragment checking. TRUE represents stateful fragment checking.

IPsec mode: tunnel or transport.

IPsec protocol: AH or ESP

A time interval after which a SA must be replaced with a new SA (and new SPI) or terminated.

A flag indicating whether overflow of the sequence number counter should generate an auditable event and prevent transmission of additional packets on the SA, or whether rollover is permitted.

Tunnel Option. TunnelOption is ignored if Mode is EfiIPsecTransport.


Generated on Thu Sep 24 23:14:26 2015 for MdePkg[ALL] by  doxygen 1.5.7.1