[Openswan dev] Some question about the ipsec tunnel interface

宋林健 songlinjian at gmail.com
Wed Jun 4 06:10:54 EDT 2008

Hi all:

I'm a newbie in the development area of Openswan. Recently I search the
internet and find there is little documents about the source code. Most
related docs are foucus on the usage and configuration of Openswan however.
Paul introduce the mailing list to me. So here am I  ~!

 I want to to build my module using the interface of ipsec tunnel. So I pay
much of attention to the ipsec_tunnel.c and ipsec_tunnel_start_xmit()
function especially. And I depict the picture below to understand the key
function invovled.

        ipsec_xmit_encap_once(ixs);// which do the work of encapsulation and
    ipsec_tunnel_send(ixs)//which send the packet out

It's torturous for me to look up the source code without any help-doc. So my
question are mainly about the code and falls in three parts as follows:

1.which part of the code is designed to decide which connection (or SA )to
use and which part is to trigger the establishment of SA if it do not exist?
2. what the functionality of function of ipsec_findroute() and the
structure  eroute?
3.KLIPS is only designed for IPv4 ? As many data structure are only for

My task is to transport  the IPv4 packet by IPv6 IPsec tunnel . When I
receive the packet , I need to determine  which  connection(or SA)will bei
used to tunnel the ipv4 packet (in sk_buff ). Can anyone give me any idea or
suggestion about my task?  Thank you .
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/dev/attachments/20080604/7378022e/attachment.html 

More information about the Dev mailing list