[Openswan dev] Openswan and NETKEY

Leena Soman leenax at gmail.com
Thu Mar 20 08:12:43 EDT 2008

So after we build and install openswan, it gets loaded as a kernel module,
right? If we have to statically compile it in, we would have to rebuild the
kernel. Is my understanding correct?


On Wed, Mar 19, 2008 at 7:00 PM, Michael Richardson <
mcr at sandelman.ottawa.on.ca> wrote:

> >>>>> "Leena" == Leena Soman <leenax at gmail.com> writes:
>    Leena> Hi, I have just started a project on ipsec and have a very
>    Leena> basic question regarding the co-existence of openswan ipsec
>    Leena> and the native linux ipsec. I see from the code that openswan
>    Leena> calls sock_register to register for the PF_KEY family and the
>    Leena> native linux code also does the same. So openswan will get an
>    Leena> error unless it has initialized before NETKEY. How does it
>    Leena> make sure of this?
>  You are responsible for this.
>  Either you load one module or the other, or compile one in statically,
> or the other.  There is little or no co-existence at runtime.
>  It is something we would like to fix, but it is not done.
> --
> ]           Bear: "Me, I'm just the shape of a bear."          |
>  firewalls  [
> ]  Michael Richardson,    Xelerance Corporation, Ottawa, ON    |net
> architect[
> ]mcr at xelerance.com      http://www.sandelman.ottawa.on.ca/mcr/ |device
> driver[
> ]panic("Just another Debian GNU/Linux using, kernel hacking, security
> guy"); [
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/dev/attachments/20080320/0a9cc7d4/attachment.html 

More information about the Dev mailing list