Does openswan support RFC 4301? I'm interested specifically in how it search in the SAD. <div><br></div><div>This RFC search as follows:<br><div><pre style="word-wrap: break-word; white-space: pre-wrap; "><span class="Apple-style-span" style="font-family: 'Times New Roman'; font-size: medium; "> </span><font class="Apple-style-span" face="'courier new', monospace"> 1. Search the SAD for a match on the combination of SPI,
destination address, and source address. If an SAD entry
matches, then process the inbound packet with that
matching SAD entry. Otherwise, proceed to step 2.
2. Search the SAD for a match on both SPI and destination address.
If the SAD entry matches, then process the inbound packet
with that matching SAD entry. Otherwise, proceed to step 3.
3. Search the SAD for a match on only SPI if the receiver has
chosen to maintain a single SPI space for AH and ESP, and on
both SPI and protocol, otherwise. If an SAD entry matches,
then process the inbound packet with that matching SAD entry.
Otherwise, discard the packet and log an auditable event.</font></pre><pre style="word-wrap: break-word; white-space: pre-wrap; font-family: 'Times New Roman'; font-size: medium; "><span class="Apple-style-span" style="font-family: arial, helvetica, sans-serif; font-size: small; ">Does openswan the same?</span></pre>
<pre style="word-wrap: break-word; white-space: pre-wrap; "><font class="Apple-style-span" face="arial, helvetica, sans-serif">Regards.</font></pre></div></div>