Hi Herbert,<div>Thanks for the update. Can you please let me know what is that change in the Outbound policy for which we need an update to make the Openswan work on Linux. It would be great if you point me to the part of the pluto / openswan code which actually does the policy update. </div>
<div><br></div><div>thanks and Regards,<br>Krishna<br><br>
<br><br><div class="gmail_quote">On Wed, May 6, 2009 at 10:32 AM, Herbert Xu <span dir="ltr"><<a href="mailto:herbert@gondor.apana.org.au">herbert@gondor.apana.org.au</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
<div class="im">On Tue, May 05, 2009 at 11:45:56AM -0400, Paul Wouters wrote:<br>
> On Tue, 5 May 2009, krishna murthy wrote:<br>
><br>
> (CC:ed Herbert, since he probably knows this code best, and bumping to <a href="mailto:dev@openswan.org">dev@openswan.org</a>)<br>
><br>
> > I am looking for Policy update notifications from the XFRM during the IPSec Re-keying. I look for the "XFRM_MSG_UPDPOLICY" event. The issue I see is that i Only get Policy updates for the Outbound Policies and not for the Inbound. Below is the dump of " ip xfrm monitor"<br>
> ><br>
> > Updated src <a href="http://9.1.1.0/24" target="_blank">9.1.1.0/24</a> dst <a href="http://11.0.0.0/8" target="_blank">11.0.0.0/8</a><br>
> > dir out priority 2360<br>
> > tmpl src 192.168.10.1 dst 192.168.10.2<br>
> > proto esp reqid 16385 mode tunnel<br>
> ><br>
> > never i see a policy update for the "dir=in". Please let me know if i am missing something.<br>
<br>
</div>We don't need to update policies when rekeying since the policies<br>
haven't changed. The outbound policy gets updated only because<br>
that was the easiest way of getting Openswan to work on Linu.x<br>
<br>
Cheers,<br>
<font color="#888888">--<br>
Visit Openswan at <a href="http://www.openswan.org/" target="_blank">http://www.openswan.org/</a><br>
Email: Herbert Xu ~{PmV>HI~} <<a href="mailto:herbert@gondor.apana.org.au">herbert@gondor.apana.org.au</a>><br>
Home Page: <a href="http://gondor.apana.org.au/~herbert/" target="_blank">http://gondor.apana.org.au/~herbert/</a><br>
PGP Key: <a href="http://gondor.apana.org.au/~herbert/pubkey.txt" target="_blank">http://gondor.apana.org.au/~herbert/pubkey.txt</a><br>
</font></blockquote></div><br></div>