[Openswan dev] Problem with KLIPS (attachment to device, additional route rules)

Maya Zimerman maya.zimerman at gmail.com
Sun Nov 27 17:02:13 CET 2005


Hi,
I am using the OpenSwan package on a Linux machine in which a bridge is also
configured. I have seen that the KLIPS attaches to the bridge device and as
a consequence it modifies the original route rules which I have configure in
route table main and local. I tried to remove the rules, but discovered that
this has a bad effect, since the ipsec connection failed. Detaching the
ipsec device from the bridge is not so easy since the whole architecture
seems to depend on this operation.
If you are asking yourself why would anyone want to remove the route rules
or detach the ipsec device? - I have an additional device in my system. I
use route rules in table main and local to transmit traffic to that device.
I cannot loose this flow when introducing ipsec to my system.
I am aware of the fact that the driver was written like that to ease
integration to a standard Linux machine. I am willing to patch the driver in
order to solve my problem if needed.
Can anyone help/recommend any solution to my problem.

Thanks!!!

Maya
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/dev/attachments/20051127/bf9c07cc/attachment.htm


More information about the Dev mailing list