[Openswan dev] Openswan and NETKEY

Michael Richardson mcr at sandelman.ottawa.on.ca
Wed Mar 19 09:30:44 EDT 2008

>>>>> "Leena" == Leena Soman <leenax at gmail.com> writes:
    Leena> Hi, I have just started a project on ipsec and have a very
    Leena> basic question regarding the co-existence of openswan ipsec
    Leena> and the native linux ipsec. I see from the code that openswan
    Leena> calls sock_register to register for the PF_KEY family and the
    Leena> native linux code also does the same. So openswan will get an
    Leena> error unless it has initialized before NETKEY. How does it
    Leena> make sure of this?

  You are responsible for this.
  Either you load one module or the other, or compile one in statically,
or the other.  There is little or no co-existence at runtime.  
  It is something we would like to fix, but it is not done.

]           Bear: "Me, I'm just the shape of a bear."          |  firewalls  [
]  Michael Richardson,    Xelerance Corporation, Ottawa, ON    |net architect[
]mcr at xelerance.com      http://www.sandelman.ottawa.on.ca/mcr/ |device driver[
]panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [

More information about the Dev mailing list