on start
{
  dword txSocket;

  // Register an outbound ("out") IPsec policy: traffic from 0.0.0.0 to
  // 192.168.1.0 must be protected with AH in transport mode, level "require".
  // The 0 and 24 are presumably the source/destination prefix lengths and "any"
  // the upper-layer protocol selector -- confirm against the CAPL reference.
  // AH authenticates and integrity-protects a packet but does not encrypt it,
  // so the payload sent below is still readable on the wire. The policy
  // direction is "out" only; nothing here covers inbound traffic.
  // NOTE(review): the return value is ignored, so a rejected policy would go
  // unnoticed and the datagram below would not be matched by it.
  IpSecPolicyDatabaseAdd(ip_Endpoint(0.0.0.0:0), 0, ip_Endpoint(192.168.1.0:0), 24, "any", "out ipsec ah/transport//require");

  // Send a datagram that matches the policy. With no security association in
  // place yet, this is what triggers OnIpsecSadbAcquire.
  // NOTE(review): the result of udpOpen is not checked, and the handle lives
  // only in this local variable; this handler never closes it.
  txSocket = udpOpen(ip_Endpoint(0.0.0.0:0));
  udpSendTo(txSocket, ip_Endpoint(192.168.1.10:12345), "hello world", 11);
}
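/*
 * Writes one parameter of an IPsec security policy as "<name>: <value>".
 *
 * handle        - policy handle, as passed to OnIpsecSadbAcquire
 * parameterName - name of the parameter to read (e.g. "source", "mode")
 *
 * The parameter is first read as a string; if that fails it is read as an
 * ip_Endpoint and converted to text. If neither read succeeds, a placeholder
 * line is written, so a failed lookup is visible in the log instead of the
 * line being silently missing.
 */
void PrintSecurityPolicyParameter(long handle, char parameterName[])
{
  char value[100];
  ip_Endpoint ep;

  if (ipsecPolicyGetParameter(handle, parameterName, value) >= 0)
  {
    // String-valued parameter.
    write("%s: %s", parameterName, value);
  }
  else if (ipsecPolicyGetParameter(handle, parameterName, ep) >= 0)
  {
    // Endpoint-valued parameter: render it into the same text buffer.
    ep.PrintEndpointToString(value);
    write("%s: %s", parameterName, value);
  }
  else
  {
    // Neither overload returned a value (unknown name or invalid handle,
    // presumably); report it rather than dropping the line.
    write("%s: <not available>", parameterName);
  }
}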
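/*
 * Callback triggered when outgoing data matches a security policy (see the
 * send in "on start"). Logs the endpoints of the triggering traffic, then the
 * parameters of the matched policy.
 *
 * source, destination - endpoints passed in by the stack for the triggering
 *                       traffic
 * policyHandle        - handle of the matched policy
 *
 * NOTE(review): this handler only logs. It installs no security association,
 * so with level "require" the triggering datagram presumably is not sent
 * protected (or at all) until one exists -- confirm against the CANoe docs.
 */
void OnIpsecSadbAcquire(ip_Endpoint source, ip_Endpoint destination, long policyHandle)
{
  char sourceText[100];
  char destinationText[100];

  // The policy selectors printed below describe the rule, not the concrete
  // flow; log the actual endpoints as well so the event can be attributed.
  source.PrintEndpointToString(sourceText);
  destination.PrintEndpointToString(destinationText);
  write("IPsec SA acquire: %s -> %s", sourceText, destinationText);

  PrintSecurityPolicyParameter(policyHandle, "source");
  PrintSecurityPolicyParameter(policyHandle, "destination");
  PrintSecurityPolicyParameter(policyHandle, "protocol");
  PrintSecurityPolicyParameter(policyHandle, "mode");
  PrintSecurityPolicyParameter(policyHandle, "level");
  PrintSecurityPolicyParameter(policyHandle, "policytype");
}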