Loading ttcn3/EtsiLibrary/LibIpv6/LibCommonRfcs/LibIpv6_ModuleParameters.ttcn +7 −7 Original line number Diff line number Diff line Loading @@ -37,22 +37,22 @@ module LibIpv6_ModuleParameters { modulepar { IpSecProtocol PX_IP_SEC_PROTOCOL := e_esp } /* * @desc Which protocol mode shall be used in vc_sad[c_saOut]? * @desc Which protocol mode shall be used in vc_sad[c_saRes]? */ modulepar { IpSecProtocolMode PX_IP_SEC_PROTOCOL_MODE := e_transportMode } /* * @desc Which Algo mode shall be used for Encryption in vc_sad[c_saOut]? * @desc Which Algo mode shall be used for Encryption in vc_sad[c_saRes]? */ modulepar { EncryptionAlgo PX_ENCRYPTION_ALGO := e_encr_3Des } /* * @desc Which Algo mode shall be used for Integrity in vc_sad[c_saOut]? * @desc Which Algo mode shall be used for Integrity in vc_sad[c_saRes]? */ modulepar { IntegrityAlgo PX_INTEGRITY_ALGO := e_auth_hmacSha1_96 } /* * @desc Which Algo mode shall be used for Integrity in vc_sad[c_saOut]? * @desc Which Algo mode shall be used for Integrity in vc_sad[c_saRes]? */ // modulepar { CombinedModeAlgo PX_COMBINED_MODE_ALGO := e_null } Loading @@ -67,17 +67,17 @@ module LibIpv6_ModuleParameters { //modulepar {octetstring PX_IV := '000102030405'O } /* * @desc Key for integrity vc_sad[c_saOut] * @desc Key for integrity vc_sad[c_saRes] */ modulepar {octetstring PX_INTEGRITY_KEY := '000102030405'O } /* * @desc Key for encryption in vc_sad[c_saOut] * @desc Key for encryption in vc_sad[c_saRes] */ modulepar {octetstring PX_ESP_ENCR_KEY := 'A1A2A3A4'O} /* * @desc Key for combined mode in vc_sad[c_saOut] * @desc Key for combined mode in vc_sad[c_saRes] */ // modulepar {octetstring PX_COMBINED_MODE_KEY := 'B1B2B3B4'O} Loading ttcn3/EtsiLibrary/LibIpv6/LibMultiRfcs/LibIpv6_MultiRfcs_Functions.ttcn +31 −31 Original line number Diff line number Diff line Loading 
@@ -467,7 +467,7 @@ group IcmpAndEspFns { return FncRetCode { var FncRetCode v_ret := e_error; if (vc_sad[0].ipSecProtocolMode != e_transportMode) { if (vc_sad[c_saIni].ipSecProtocolMode != e_transportMode) { log("**** f_replyToEchoReq_transportMode; Error SA does not indicate transport Mode, but transport Mode is required****"); return e_error; } Loading @@ -481,7 +481,7 @@ group IcmpAndEspFns { p_paramsTn.gla, m_extHdrList_1Elem ( mw_extHdr_espHeader( vc_sad[0].spi, vc_sad[c_saIni].spi, p_seqNr, m_espIpDatagram( omit, Loading @@ -507,7 +507,7 @@ group IcmpAndEspFns { p_paramsIut.gla, m_extHdrList_1Elem ( m_extHdr_espHeader( vc_sad[0].spi, vc_sad[c_saRes].spi, p_seqNr + 1, m_espIpDatagram( omit, Loading Loading @@ -539,7 +539,7 @@ group IcmpAndEspFns { return FncRetCode { var FncRetCode v_ret := e_error; if (vc_sad[0].ipSecProtocolMode != e_tunnelMode) { if (vc_sad[c_saIni].ipSecProtocolMode != e_tunnelMode) { log("**** f_replyToEchoReq_tunnelMode; Error SA does not indicate tunnel Mode, but tunnel Mode is required****"); return e_error; } Loading @@ -553,7 +553,7 @@ group IcmpAndEspFns { p_paramsTunnelStart.gla, mw_extHdrList_1Elem_superSet ( mw_extHdr_espHeader( vc_sad[0].spi, vc_sad[c_saIni].spi, p_seqNr, m_espIpDatagram( m_extHdrList_1Elem( Loading Loading @@ -583,7 +583,7 @@ group IcmpAndEspFns { p_paramsTunnelEnd.gla, m_extHdrList_1Elem ( m_extHdr_espHeader( vc_sad[0].spi, vc_sad[c_saRes].spi, p_seqNr + 1, m_espIpDatagram( m_extHdrList_1Elem( Loading Loading @@ -627,15 +627,15 @@ group IcmpAndAuthHeaderFns { { var EchoRequest v_echoRequest; if (vc_sad[0].ipSecProtocolMode == e_transportMode) { if (vc_sad[c_saRes].ipSecProtocolMode == e_transportMode) { // Transport mode v_echoRequest := valueof(m_echoRequest_extHdr_noData ( c_authHdr, m_extHdrList_1Elem ( m_extHdr_AHHeaders( c_icmpHdr, vc_sad[0].spi, vc_sad[0].seqNr)), vc_sad[c_saRes].spi, vc_sad[c_saRes].seqNr)), p_paramsTn.gla, p_paramsIut.gla, c_defId, Loading 
@@ -649,8 +649,8 @@ group IcmpAndAuthHeaderFns { m_extHdrList_2Elem ( m_extHdr_AHHeaders( c_tunneledIpHdr, vc_sad[0].spi, vc_sad[0].seqNr), vc_sad[c_saRes].spi, vc_sad[c_saRes].seqNr), m_extHdr_tunneledHeader ( c_icmpHdr, p_paramsTn.gla, Loading Loading @@ -678,15 +678,15 @@ group IcmpAndAuthHeaderFns { { var EchoRequest v_echoRequest; if (vc_sad[0].ipSecProtocolMode == e_transportMode) { if (vc_sad[c_saRes].ipSecProtocolMode == e_transportMode) { // Transport mode v_echoRequest := valueof(m_echoRequest_extHdr_noData ( c_authHdr, m_extHdrList_1Elem ( m_extHdr_AHHeaders( c_icmpHdr, vc_sad[0].spi, vc_sad[0].seqNr)), vc_sad[c_saRes].spi, vc_sad[c_saRes].seqNr)), p_paramsRt.gla, p_paramsIut.gla, p_id, Loading @@ -698,8 +698,8 @@ group IcmpAndAuthHeaderFns { m_extHdrList_1Elem ( m_extHdr_AHHeaders( c_tunneledIpHdr, vc_sad[0].spi, vc_sad[0].seqNr)), vc_sad[c_saRes].spi, vc_sad[c_saRes].seqNr)), p_paramsRt.gla, p_paramsIut.gla, p_id, Loading @@ -720,15 +720,15 @@ group IcmpAndAuthHeaderFns { { var EchoRequest v_echoRequest; if (vc_sad[0].ipSecProtocolMode == e_transportMode) { if (vc_sad[c_saRes].ipSecProtocolMode == e_transportMode) { // Transport mode v_echoRequest := valueof(m_echoRequest_extHdr_noData ( c_authHdr, m_extHdrList_1Elem ( m_extHdr_AHHeaders( c_icmpHdr, vc_sad[0].spi, vc_sad[0].seqNr)), vc_sad[c_saRes].spi, vc_sad[c_saRes].seqNr)), p_paramsTn.lla, p_paramsIut.lla, c_defId, Loading @@ -742,8 +742,8 @@ group IcmpAndAuthHeaderFns { m_extHdrList_2Elem ( m_extHdr_AHHeaders( c_tunneledIpHdr, vc_sad[0].spi, vc_sad[0].seqNr), vc_sad[c_saRes].spi, vc_sad[c_saRes].seqNr), m_extHdr_tunneledHeader ( c_icmpHdr, p_paramsTn.lla, Loading 
@@ -767,15 +767,15 @@ group IcmpAndAuthHeaderFns { var EchoRequest v_echoRequest; if (vc_sad[0].ipSecProtocolMode == e_transportMode) { if (vc_sad[c_saRes].ipSecProtocolMode == e_transportMode) { // Transport mode v_echoRequest := valueof(m_echoRequest_extHdr_noData ( c_authHdr, m_extHdrList_2Elem ( m_extHdr_AHHeaders( c_fragHdr, vc_sad[0].spi, vc_sad[0].seqNr), // ICV is set to 0 before authentication vc_sad[c_saRes].spi, vc_sad[c_saRes].seqNr), // ICV is set to 0 before authentication m_extHdr_fragmentHeader( c_icmpHdr, c_fragOffset2, Loading @@ -792,8 +792,8 @@ group IcmpAndAuthHeaderFns { m_extHdrList_3Elem ( m_extHdr_AHHeaders( c_tunneledIpHdr, vc_sad[0].spi, vc_sad[0].seqNr), vc_sad[c_saRes].spi, vc_sad[c_saRes].seqNr), m_extHdr_tunneledHeader ( c_fragHdr, p_paramsRt.gla, Loading Loading @@ -821,7 +821,7 @@ group IcmpAndAuthHeaderFns { var NeighborSolicitation v_nbrSol; if (vc_sad[0].ipSecProtocolMode == e_transportMode) { if (vc_sad[c_saRes].ipSecProtocolMode == e_transportMode) { // Transport mode v_nbrSol := valueof(m_nbrSol_extHdr ( c_authHdr, Loading @@ -831,8 +831,8 @@ group IcmpAndAuthHeaderFns { m_extHdrList_1Elem ( m_extHdr_AHHeaders( c_icmpHdr, vc_sad[0].spi, vc_sad[0].seqNr)))); // ICV is set to 0 before authentication vc_sad[c_saRes].spi, vc_sad[c_saRes].seqNr)))); // ICV is set to 0 before authentication }else{ // Generate a Neigbor Solicitation message with Authentication Header in tunnel mode v_nbrSol := valueof(m_nbrSol_extHdr ( Loading @@ -843,8 +843,8 @@ group IcmpAndAuthHeaderFns { m_extHdrList_1Elem ( m_extHdr_AHHeaders( c_tunneledIpHdr, vc_sad[0].spi, vc_sad[0].seqNr)))); vc_sad[c_saRes].spi, vc_sad[c_saRes].seqNr)))); } return v_nbrSol; }// end f_generateNrbSolWithAh Loading ttcn3/EtsiLibrary/LibIpv6/LibSec/LibIpv6_Rfc4306Ikev2_Functions.ttcn +35 −3 Original line number Diff line number Diff line Loading 
@@ -786,7 +786,7 @@ module LibIpv6_Rfc4306Ikev2_Functions { vc_ikeSad[0].messageID := vc_ikeSad[0].messageID + 1; v_ret := f_analyzeIkeAuthReq(v_ipv6Packet,v_protocolId); p_protocolId := v_protocolId; vc_sad[0].ipSecProtocolMode := e_transportMode; vc_sad[c_saIni].ipSecProtocolMode := e_transportMode; } // Tunnel mode, Notify payload requesting 'UseTransportMode' is not included in IKE_AUTH request Loading @@ -803,7 +803,7 @@ module LibIpv6_Rfc4306Ikev2_Functions { vc_ikeSad[0].messageID := vc_ikeSad[0].messageID + 1; v_ret := f_analyzeIkeAuthReq(v_ipv6Packet,v_protocolId); p_protocolId := v_protocolId; vc_sad[0].ipSecProtocolMode := e_tunnelMode; vc_sad[c_saIni].ipSecProtocolMode := e_tunnelMode; } [] tc_wait.timeout Loading Loading @@ -1189,7 +1189,7 @@ module LibIpv6_Rfc4306Ikev2_Functions { mw_encryptedPLL(mw_ikeAuthRspTransportModePLL))) -> value v_ipv6Packet { tc_wait.stop; if (vc_sad[0].ipSecProtocolMode == e_transportMode) if (vc_sad[c_saIni].ipSecProtocolMode == e_transportMode) { vc_ikeSad[0].messageID := vc_ikeSad[0].messageID + 1; v_ret := f_analyzeIkeAuthRsp(v_ipv6Packet);} else Loading Loading @@ -2227,6 +2227,38 @@ group deleteSAFns { ); if (v_ret != e_success) { return v_ret;} tc_wait.start; alt { [] ipPort.receive( mw_ikeInfoResp ( p_addrIut, p_addrTn, vc_ikeSad[0].udpIutPort, vc_ikeSad[0].udpTnPort, vc_ikeSad[0].spiInitiator, vc_ikeSad[0].spiResponder, vc_ikeSad[0].messageID, m_ikePlList_1Elem( mw_encryptedPL( m_ikePlList_1Elem(mw_delIkeSaPL) ) ) ) ) { tc_wait.stop; log("**** f_delIkeSa: IKE SA deleted successfully! **** "); v_ret := e_success; } [] tc_wait.timeout { v_ret := e_timeout; log("**** f_delIkeSa: ERROR: tc_wait.timeout, IKE SA not deleted! **** "); v_ret := e_error; } } // end alt return v_ret; } // end deleteSAFns Loading ttcn3/EtsiLibrary/LibIpv6/LibSec/LibIpv6_Rfc4306Ikev2_Templates.ttcn +83 −0 Original line number Diff line number Diff line Loading 
@@ -416,6 +416,87 @@ } }//end group ikeInfoRequestTemplates group ikeInfoResponseTemplates { template InformationalResponse mw_ikeInfoResp (template Ipv6Address p_src, template Ipv6Address p_dst, UInt16 p_udpSourcePort, UInt16 p_udpDestPort, Oct8 p_initiatorSpi, Oct8 p_responderSpi, UInt32 p_messageID, template IkePayloadList p_ikepayloads) := { ipv6Hdr := mw_ipHdr_nextHdr_srcDst(c_udpHdr, p_src, p_dst), extHdrList := omit, ipv6Payload := { ikeMsg := { sourcePort := p_udpSourcePort, destPort := p_udpDestPort, msgLength := ?, checksum := ?, padding := c_4ZeroBytes ifpresent, // IKEv2 Header ikev2Header := { initiatorSpi := p_initiatorSpi, responderSpi := p_responderSpi, nextPayload := ?, majorVersion := c_ikeMajorVersion2, minorVersion := c_ikeMinorVersion0, exchangeType := c_informational, twoXFlags := ?, rFlag := c_rFlagResponse, vFlag := c_vFlag, iFlag := c_iFlagResponder, threeXFlags := ?, messageID := p_messageID, messageLength := ? }, // IKEv2 Payloads payloadList := p_ikepayloads }} } template InformationalResponse m_ikeInfoResp (template Ipv6Address p_src, template Ipv6Address p_dst, UInt16 p_udpsourcePort, UInt16 p_udpdestPort, Oct8 p_initiatorSpi, Oct8 p_responderSpi, UInt1 p_iFlag, UInt8 p_nextPayload, UInt32 p_messageID, template IkePayloadList p_ikepayloads) := { ipv6Hdr := m_ipHdr_nextHdr_srcDst(c_udpHdr, p_src, p_dst), extHdrList := omit, ipv6Payload := { ikeMsg := { sourcePort := p_udpsourcePort, destPort := p_udpdestPort, msgLength := c_uInt16Zero, checksum := c_2ZeroBytes, padding := omit, // IKEv2 Header ikev2Header := { initiatorSpi := p_initiatorSpi, responderSpi := p_responderSpi, nextPayload := p_nextPayload, majorVersion := c_ikeMajorVersion2, minorVersion := c_ikeMinorVersion0, exchangeType := c_informational, twoXFlags := 0, rFlag := c_rFlagResponse, vFlag := c_vFlag, iFlag := p_iFlag, threeXFlags := 0, messageID := p_messageID, messageLength := 0 }, // IKEv2 Payloads payloadList := p_ikepayloads } } } }//end group ikeInfoResponseTemplates 
group payLoadListTemplates { template IkePayloadList mw_ikeSaInitReqPLL := Loading Loading @@ -919,6 +1000,7 @@ group identificationPLTmplts { nextPayload := ?, criticalFlag := 0, reserved := ?, payloadLength := ?, protocolId := c_protocolIke, spiSize := c_spiSize0, numberOfSpi := c_uInt16Zero, Loading @@ -931,6 +1013,7 @@ group identificationPLTmplts { nextPayload := p_nextPayload, criticalFlag := 0, reserved := c_uInt7Zero, payloadLength := 8, protocolId := c_protocolIke, spiSize := c_spiSize0, numberOfSpi := c_uInt16Zero, Loading ttcn3/EtsiLibrary/LibIpv6/LibSec/LibIpv6_Rfc4306Ikev2_TypesAndValues.ttcn +1 −0 Original line number Diff line number Diff line Loading @@ -682,6 +682,7 @@ UInt8 nextPayload, UInt1 criticalFlag, UInt7 reserved, UInt16 payloadLength, UInt8 protocolId, UInt8 spiSize, UInt16 numberOfSpi, Loading Loading
ttcn3/EtsiLibrary/LibIpv6/LibCommonRfcs/LibIpv6_ModuleParameters.ttcn +7 −7 Original line number Diff line number Diff line Loading @@ -37,22 +37,22 @@ module LibIpv6_ModuleParameters { modulepar { IpSecProtocol PX_IP_SEC_PROTOCOL := e_esp } /* * @desc Which protocol mode shall be used in vc_sad[c_saOut]? * @desc Which protocol mode shall be used in vc_sad[c_saRes]? */ modulepar { IpSecProtocolMode PX_IP_SEC_PROTOCOL_MODE := e_transportMode } /* * @desc Which Algo mode shall be used for Encryption in vc_sad[c_saOut]? * @desc Which Algo mode shall be used for Encryption in vc_sad[c_saRes]? */ modulepar { EncryptionAlgo PX_ENCRYPTION_ALGO := e_encr_3Des } /* * @desc Which Algo mode shall be used for Integrity in vc_sad[c_saOut]? * @desc Which Algo mode shall be used for Integrity in vc_sad[c_saRes]? */ modulepar { IntegrityAlgo PX_INTEGRITY_ALGO := e_auth_hmacSha1_96 } /* * @desc Which Algo mode shall be used for Integrity in vc_sad[c_saOut]? * @desc Which Algo mode shall be used for Integrity in vc_sad[c_saRes]? */ // modulepar { CombinedModeAlgo PX_COMBINED_MODE_ALGO := e_null } Loading @@ -67,17 +67,17 @@ module LibIpv6_ModuleParameters { //modulepar {octetstring PX_IV := '000102030405'O } /* * @desc Key for integrity vc_sad[c_saOut] * @desc Key for integrity vc_sad[c_saRes] */ modulepar {octetstring PX_INTEGRITY_KEY := '000102030405'O } /* * @desc Key for encryption in vc_sad[c_saOut] * @desc Key for encryption in vc_sad[c_saRes] */ modulepar {octetstring PX_ESP_ENCR_KEY := 'A1A2A3A4'O} /* * @desc Key for combined mode in vc_sad[c_saOut] * @desc Key for combined mode in vc_sad[c_saRes] */ // modulepar {octetstring PX_COMBINED_MODE_KEY := 'B1B2B3B4'O} Loading
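Review bot: The fourth `@desc` touched here still reads "Which Algo mode shall be used for Integrity" although it sits above the commented-out `PX_COMBINED_MODE_ALGO`, so the renamed comment keeps what looks like a copy-paste of the `PX_INTEGRITY_ALGO` description; `@desc Which Algo shall be used for combined mode in vc_sad[c_saRes]?` would match the parameter. The descriptions now name only `vc_sad[c_saRes]`, while functions changed in the same commit also read `vc_sad[c_saIni]`; if these parameters seed both entries, the `@desc` lines should say so. The defaults for `PX_INTEGRITY_KEY` and `PX_ESP_ENCR_KEY` in the context lines are short fixed octetstrings, so a sentence in each key's `@desc` stating that they are placeholders to be overridden per test setup would also help.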
ttcn3/EtsiLibrary/LibIpv6/LibMultiRfcs/LibIpv6_MultiRfcs_Functions.ttcn +31 −31 Original line number Diff line number Diff line Loading @@ -467,7 +467,7 @@ group IcmpAndEspFns { return FncRetCode { var FncRetCode v_ret := e_error; if (vc_sad[0].ipSecProtocolMode != e_transportMode) { if (vc_sad[c_saIni].ipSecProtocolMode != e_transportMode) { log("**** f_replyToEchoReq_transportMode; Error SA does not indicate transport Mode, but transport Mode is required****"); return e_error; } Loading @@ -481,7 +481,7 @@ group IcmpAndEspFns { p_paramsTn.gla, m_extHdrList_1Elem ( mw_extHdr_espHeader( vc_sad[0].spi, vc_sad[c_saIni].spi, p_seqNr, m_espIpDatagram( omit, Loading @@ -507,7 +507,7 @@ group IcmpAndEspFns { p_paramsIut.gla, m_extHdrList_1Elem ( m_extHdr_espHeader( vc_sad[0].spi, vc_sad[c_saRes].spi, p_seqNr + 1, m_espIpDatagram( omit, Loading Loading @@ -539,7 +539,7 @@ group IcmpAndEspFns { return FncRetCode { var FncRetCode v_ret := e_error; if (vc_sad[0].ipSecProtocolMode != e_tunnelMode) { if (vc_sad[c_saIni].ipSecProtocolMode != e_tunnelMode) { log("**** f_replyToEchoReq_tunnelMode; Error SA does not indicate tunnel Mode, but tunnel Mode is required****"); return e_error; } Loading @@ -553,7 +553,7 @@ group IcmpAndEspFns { p_paramsTunnelStart.gla, mw_extHdrList_1Elem_superSet ( mw_extHdr_espHeader( vc_sad[0].spi, vc_sad[c_saIni].spi, p_seqNr, m_espIpDatagram( m_extHdrList_1Elem( Loading Loading @@ -583,7 +583,7 @@ group IcmpAndEspFns { p_paramsTunnelEnd.gla, m_extHdrList_1Elem ( m_extHdr_espHeader( vc_sad[0].spi, vc_sad[c_saRes].spi, p_seqNr + 1, m_espIpDatagram( m_extHdrList_1Elem( Loading Loading 
@@ -627,15 +627,15 @@ group IcmpAndAuthHeaderFns { { var EchoRequest v_echoRequest; if (vc_sad[0].ipSecProtocolMode == e_transportMode) { if (vc_sad[c_saRes].ipSecProtocolMode == e_transportMode) { // Transport mode v_echoRequest := valueof(m_echoRequest_extHdr_noData ( c_authHdr, m_extHdrList_1Elem ( m_extHdr_AHHeaders( c_icmpHdr, vc_sad[0].spi, vc_sad[0].seqNr)), vc_sad[c_saRes].spi, vc_sad[c_saRes].seqNr)), p_paramsTn.gla, p_paramsIut.gla, c_defId, Loading @@ -649,8 +649,8 @@ group IcmpAndAuthHeaderFns { m_extHdrList_2Elem ( m_extHdr_AHHeaders( c_tunneledIpHdr, vc_sad[0].spi, vc_sad[0].seqNr), vc_sad[c_saRes].spi, vc_sad[c_saRes].seqNr), m_extHdr_tunneledHeader ( c_icmpHdr, p_paramsTn.gla, Loading Loading @@ -678,15 +678,15 @@ group IcmpAndAuthHeaderFns { { var EchoRequest v_echoRequest; if (vc_sad[0].ipSecProtocolMode == e_transportMode) { if (vc_sad[c_saRes].ipSecProtocolMode == e_transportMode) { // Transport mode v_echoRequest := valueof(m_echoRequest_extHdr_noData ( c_authHdr, m_extHdrList_1Elem ( m_extHdr_AHHeaders( c_icmpHdr, vc_sad[0].spi, vc_sad[0].seqNr)), vc_sad[c_saRes].spi, vc_sad[c_saRes].seqNr)), p_paramsRt.gla, p_paramsIut.gla, p_id, Loading @@ -698,8 +698,8 @@ group IcmpAndAuthHeaderFns { m_extHdrList_1Elem ( m_extHdr_AHHeaders( c_tunneledIpHdr, vc_sad[0].spi, vc_sad[0].seqNr)), vc_sad[c_saRes].spi, vc_sad[c_saRes].seqNr)), p_paramsRt.gla, p_paramsIut.gla, p_id, Loading @@ -720,15 +720,15 @@ group IcmpAndAuthHeaderFns { { var EchoRequest v_echoRequest; if (vc_sad[0].ipSecProtocolMode == e_transportMode) { if (vc_sad[c_saRes].ipSecProtocolMode == e_transportMode) { // Transport mode v_echoRequest := valueof(m_echoRequest_extHdr_noData ( c_authHdr, m_extHdrList_1Elem ( m_extHdr_AHHeaders( c_icmpHdr, vc_sad[0].spi, vc_sad[0].seqNr)), vc_sad[c_saRes].spi, vc_sad[c_saRes].seqNr)), p_paramsTn.lla, p_paramsIut.lla, c_defId, Loading 
@@ -742,8 +742,8 @@ group IcmpAndAuthHeaderFns { m_extHdrList_2Elem ( m_extHdr_AHHeaders( c_tunneledIpHdr, vc_sad[0].spi, vc_sad[0].seqNr), vc_sad[c_saRes].spi, vc_sad[c_saRes].seqNr), m_extHdr_tunneledHeader ( c_icmpHdr, p_paramsTn.lla, Loading @@ -767,15 +767,15 @@ group IcmpAndAuthHeaderFns { var EchoRequest v_echoRequest; if (vc_sad[0].ipSecProtocolMode == e_transportMode) { if (vc_sad[c_saRes].ipSecProtocolMode == e_transportMode) { // Transport mode v_echoRequest := valueof(m_echoRequest_extHdr_noData ( c_authHdr, m_extHdrList_2Elem ( m_extHdr_AHHeaders( c_fragHdr, vc_sad[0].spi, vc_sad[0].seqNr), // ICV is set to 0 before authentication vc_sad[c_saRes].spi, vc_sad[c_saRes].seqNr), // ICV is set to 0 before authentication m_extHdr_fragmentHeader( c_icmpHdr, c_fragOffset2, Loading @@ -792,8 +792,8 @@ group IcmpAndAuthHeaderFns { m_extHdrList_3Elem ( m_extHdr_AHHeaders( c_tunneledIpHdr, vc_sad[0].spi, vc_sad[0].seqNr), vc_sad[c_saRes].spi, vc_sad[c_saRes].seqNr), m_extHdr_tunneledHeader ( c_fragHdr, p_paramsRt.gla, Loading Loading @@ -821,7 +821,7 @@ group IcmpAndAuthHeaderFns { var NeighborSolicitation v_nbrSol; if (vc_sad[0].ipSecProtocolMode == e_transportMode) { if (vc_sad[c_saRes].ipSecProtocolMode == e_transportMode) { // Transport mode v_nbrSol := valueof(m_nbrSol_extHdr ( c_authHdr, Loading @@ -831,8 +831,8 @@ group IcmpAndAuthHeaderFns { m_extHdrList_1Elem ( m_extHdr_AHHeaders( c_icmpHdr, vc_sad[0].spi, vc_sad[0].seqNr)))); // ICV is set to 0 before authentication vc_sad[c_saRes].spi, vc_sad[c_saRes].seqNr)))); // ICV is set to 0 before authentication }else{ // Generate a Neigbor Solicitation message with Authentication Header in tunnel mode v_nbrSol := valueof(m_nbrSol_extHdr ( Loading @@ -843,8 +843,8 @@ group IcmpAndAuthHeaderFns { m_extHdrList_1Elem ( m_extHdr_AHHeaders( c_tunneledIpHdr, vc_sad[0].spi, vc_sad[0].seqNr)))); vc_sad[c_saRes].spi, vc_sad[c_saRes].seqNr)))); } return v_nbrSol; }// end f_generateNrbSolWithAh Loading
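Review bot: The SA entry consulted for the mode check is not the same across the two groups: `f_replyToEchoReq_transportMode` and `f_replyToEchoReq_tunnelMode` test `vc_sad[c_saIni].ipSecProtocolMode`, while the AH generators in `IcmpAndAuthHeaderFns` (through `f_generateNrbSolWithAh`) test `vc_sad[c_saRes].ipSecProtocolMode`. In the IKEv2 functions changed by this commit only the `c_saIni` entry has its mode assigned, so if `c_saIni` and `c_saRes` are different indices (their values are not visible here) the AH builders depend on the `c_saRes` entry having been set elsewhere. A value there that differs from the negotiated mode would select the wrong `if`/`else` branch and build a packet protected differently from what the SA calls for. A comment at each check such as `// c_saRes entry must carry the same mode as c_saIni`, or a guard that compares the two entries, would make the dependency explicit. The enclosing functions start and end outside the hunks.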
ttcn3/EtsiLibrary/LibIpv6/LibSec/LibIpv6_Rfc4306Ikev2_Functions.ttcn +35 −3 Original line number Diff line number Diff line Loading @@ -786,7 +786,7 @@ module LibIpv6_Rfc4306Ikev2_Functions { vc_ikeSad[0].messageID := vc_ikeSad[0].messageID + 1; v_ret := f_analyzeIkeAuthReq(v_ipv6Packet,v_protocolId); p_protocolId := v_protocolId; vc_sad[0].ipSecProtocolMode := e_transportMode; vc_sad[c_saIni].ipSecProtocolMode := e_transportMode; } // Tunnel mode, Notify payload requesting 'UseTransportMode' is not included in IKE_AUTH request Loading @@ -803,7 +803,7 @@ module LibIpv6_Rfc4306Ikev2_Functions { vc_ikeSad[0].messageID := vc_ikeSad[0].messageID + 1; v_ret := f_analyzeIkeAuthReq(v_ipv6Packet,v_protocolId); p_protocolId := v_protocolId; vc_sad[0].ipSecProtocolMode := e_tunnelMode; vc_sad[c_saIni].ipSecProtocolMode := e_tunnelMode; } [] tc_wait.timeout Loading Loading @@ -1189,7 +1189,7 @@ module LibIpv6_Rfc4306Ikev2_Functions { mw_encryptedPLL(mw_ikeAuthRspTransportModePLL))) -> value v_ipv6Packet { tc_wait.stop; if (vc_sad[0].ipSecProtocolMode == e_transportMode) if (vc_sad[c_saIni].ipSecProtocolMode == e_transportMode) { vc_ikeSad[0].messageID := vc_ikeSad[0].messageID + 1; v_ret := f_analyzeIkeAuthRsp(v_ipv6Packet);} else Loading Loading @@ -2227,6 +2227,38 @@ group deleteSAFns { ); if (v_ret != e_success) { return v_ret;} tc_wait.start; alt { [] ipPort.receive( mw_ikeInfoResp ( p_addrIut, p_addrTn, vc_ikeSad[0].udpIutPort, vc_ikeSad[0].udpTnPort, vc_ikeSad[0].spiInitiator, vc_ikeSad[0].spiResponder, vc_ikeSad[0].messageID, m_ikePlList_1Elem( mw_encryptedPL( m_ikePlList_1Elem(mw_delIkeSaPL) ) ) ) ) { tc_wait.stop; log("**** f_delIkeSa: IKE SA deleted successfully! **** "); v_ret := e_success; } [] tc_wait.timeout { v_ret := e_timeout; log("**** f_delIkeSa: ERROR: tc_wait.timeout, IKE SA not deleted! **** "); v_ret := e_error; } } // end alt return v_ret; } // end deleteSAFns Loading
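Review bot: In the added `tc_wait.timeout` branch of `f_delIkeSa`, `v_ret := e_timeout;` is overwritten two statements later by `v_ret := e_error;`, so the first assignment is dead and callers never see the timeout code. Keep one of the two; if timeouts are meant to be distinguishable, drop `v_ret := e_error;`. The `alt` has only the matching-response and timeout branches, so unless an active default handles it, any other INFORMATIONAL response from the IUT (for example one without the Delete payload) is reported only as a timeout; a branch receiving `mw_ikeInfoResp` with a `?` payload list that logs the mismatch would make the result more informative. The added code also keeps the literal `vc_ikeSad[0]` although this commit replaces literal `vc_sad[0]` indices with named constants. The function starts outside the hunk.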
ttcn3/EtsiLibrary/LibIpv6/LibSec/LibIpv6_Rfc4306Ikev2_Templates.ttcn +83 −0
@@ -416,6 +416,87 @@ } }//end group ikeInfoRequestTemplates group ikeInfoResponseTemplates { template InformationalResponse mw_ikeInfoResp (template Ipv6Address p_src, template Ipv6Address p_dst, UInt16 p_udpSourcePort, UInt16 p_udpDestPort, Oct8 p_initiatorSpi, Oct8 p_responderSpi, UInt32 p_messageID, template IkePayloadList p_ikepayloads) := { ipv6Hdr := mw_ipHdr_nextHdr_srcDst(c_udpHdr, p_src, p_dst), extHdrList := omit, ipv6Payload := { ikeMsg := { sourcePort := p_udpSourcePort, destPort := p_udpDestPort, msgLength := ?, checksum := ?, padding := c_4ZeroBytes ifpresent, // IKEv2 Header ikev2Header := { initiatorSpi := p_initiatorSpi, responderSpi := p_responderSpi, nextPayload := ?, majorVersion := c_ikeMajorVersion2, minorVersion := c_ikeMinorVersion0, exchangeType := c_informational, twoXFlags := ?, rFlag := c_rFlagResponse, vFlag := c_vFlag, iFlag := c_iFlagResponder, threeXFlags := ?, messageID := p_messageID, messageLength := ? }, // IKEv2 Payloads payloadList := p_ikepayloads }} } template InformationalResponse m_ikeInfoResp (template Ipv6Address p_src, template Ipv6Address p_dst, UInt16 p_udpsourcePort, UInt16 p_udpdestPort, Oct8 p_initiatorSpi, Oct8 p_responderSpi, UInt1 p_iFlag, UInt8 p_nextPayload, UInt32 p_messageID, template IkePayloadList p_ikepayloads) := { ipv6Hdr := m_ipHdr_nextHdr_srcDst(c_udpHdr, p_src, p_dst), extHdrList := omit, ipv6Payload := { ikeMsg := { sourcePort := p_udpsourcePort, destPort := p_udpdestPort, msgLength := c_uInt16Zero, checksum := c_2ZeroBytes, padding := omit, // IKEv2 Header ikev2Header := { initiatorSpi := p_initiatorSpi, responderSpi := p_responderSpi, nextPayload := p_nextPayload, majorVersion := c_ikeMajorVersion2, minorVersion := c_ikeMinorVersion0, exchangeType := c_informational, twoXFlags := 0, rFlag := c_rFlagResponse, vFlag := c_vFlag, iFlag := p_iFlag, threeXFlags := 0, messageID := p_messageID, messageLength := 0 }, // IKEv2 Payloads payloadList := p_ikepayloads } } } }//end group ikeInfoResponseTemplates 
group payLoadListTemplates { template IkePayloadList mw_ikeSaInitReqPLL := Loading Loading @@ -919,6 +1000,7 @@ group identificationPLTmplts { nextPayload := ?, criticalFlag := 0, reserved := ?, payloadLength := ?, protocolId := c_protocolIke, spiSize := c_spiSize0, numberOfSpi := c_uInt16Zero, Loading @@ -931,6 +1013,7 @@ group identificationPLTmplts { nextPayload := p_nextPayload, criticalFlag := 0, reserved := c_uInt7Zero, payloadLength := 8, protocolId := c_protocolIke, spiSize := c_spiSize0, numberOfSpi := c_uInt16Zero, Loading
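Review bot: `mw_ikeInfoResp` fixes `iFlag := c_iFlagResponder`, whereas `m_ikeInfoResp` takes `p_iFlag` as a parameter, so the receive template matches only responses from a peer that was the original IKE SA responder. The IKEv2 functions on this page handle both an incoming IKE_AUTH request and an incoming IKE_AUTH response, so if `f_delIkeSa` is also called after the IUT initiated the SA, its response would not match and the function would report a timeout. Passing the flag in (a `UInt1 p_iFlag` parameter and `iFlag := p_iFlag,`) or stating the restriction in a `@desc` on the template would address it. The two templates also spell the port parameters differently (`p_udpSourcePort` vs `p_udpsourcePort`), and neither has a `@desc` header like those in LibIpv6_ModuleParameters; a short one should state that `msgLength`, `checksum` and `messageLength` are sent as zero in `m_ikeInfoResp` and are presumably filled in by the codec.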
ttcn3/EtsiLibrary/LibIpv6/LibSec/LibIpv6_Rfc4306Ikev2_TypesAndValues.ttcn +1 −0 Original line number Diff line number Diff line Loading @@ -682,6 +682,7 @@ UInt8 nextPayload, UInt1 criticalFlag, UInt7 reserved, UInt16 payloadLength, UInt8 protocolId, UInt8 spiSize, UInt16 numberOfSpi, Loading