[Openswan dev] Some question about the ipsec tunnel interface
宋林健
songlinjian at gmail.com
Wed Jun 4 06:10:54 EDT 2008
Hi all:
I'm a newbie in the development area of Openswan. Recently I search the
internet and find there is little documents about the source code. Most
related docs are foucus on the usage and configuration of Openswan however.
Paul introduce the mailing list to me. So here am I ~!
I want to to build my module using the interface of ipsec tunnel. So I pay
much of attention to the ipsec_tunnel.c and ipsec_tunnel_start_xmit()
function especially. And I depict the picture below to understand the key
function invovled.
ipsec_tunnel_start_xmit(skb,dev)
{
....
ipsec_tunnel_SAlookup();//??
....
ipsec_xmit_encap_bundle(ixs)
{
ipsec_xmit_encap_once(ixs);// which do the work of encapsulation and
ESP/AH
}
....
ipsec_tunnel_send(ixs)//which send the packet out
}
It's torturous for me to look up the source code without any help-doc. So my
question are mainly about the code and falls in three parts as follows:
1.which part of the code is designed to decide which connection (or SA )to
use and which part is to trigger the establishment of SA if it do not exist?
2. what the functionality of function of ipsec_findroute() and the
structure eroute?
3.KLIPS is only designed for IPv4 ? As many data structure are only for
IPv4.
My task is to transport the IPv4 packet by IPv6 IPsec tunnel . When I
receive the packet , I need to determine which connection(or SA)will bei
used to tunnel the ipv4 packet (in sk_buff ). Can anyone give me any idea or
suggestion about my task? Thank you .
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/dev/attachments/20080604/7378022e/attachment.html
More information about the Dev
mailing list