[Openswan dev] Openswan and NETKEY
leenax at gmail.com
Thu Mar 20 08:12:43 EDT 2008
So after we build and install openswan, it gets loaded as a kernel module,
right? If we have to statically compile it in, we would have to rebuild the
kernel. Is my understanding correct?
On Wed, Mar 19, 2008 at 7:00 PM, Michael Richardson <
mcr at sandelman.ottawa.on.ca> wrote:
> >>>>> "Leena" == Leena Soman <leenax at gmail.com> writes:
> Leena> Hi, I have just started a project on ipsec and have a very
> Leena> basic question regarding the co-existence of openswan ipsec
> Leena> and the native linux ipsec. I see from the code that openswan
> Leena> calls sock_register to register for the PF_KEY family and the
> Leena> native linux code also does the same. So openswan will get an
> Leena> error unless it has initialized before NETKEY. How does it
> Leena> make sure of this?
> You are responsible for this.
> Either you load one module or the other, or compile one in statically,
> or the other. There is little or no co-existence at runtime.
> It is something we would like to fix, but it is not done.
> ] Bear: "Me, I'm just the shape of a bear." |
> firewalls [
> ] Michael Richardson, Xelerance Corporation, Ottawa, ON |net
> ]mcr at xelerance.com http://www.sandelman.ottawa.on.ca/mcr/ |device
> ]panic("Just another Debian GNU/Linux using, kernel hacking, security
> guy"); [
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Dev