[Openswan dev] Openswan support for RFC 4301
Patricia de Noriega
pnoriega at it.uc3m.es
Thu Jan 13 06:20:30 EST 2011
Does openswan support RFC 4301? I'm interested specifically in how it search
in the SAD.
This RFC search as follows:
1. Search the SAD for a match on the combination of SPI,
destination address, and source address. If an SAD entry
matches, then process the inbound packet with that
matching SAD entry. Otherwise, proceed to step 2.
2. Search the SAD for a match on both SPI and destination address.
If the SAD entry matches, then process the inbound packet
with that matching SAD entry. Otherwise, proceed to step 3.
3. Search the SAD for a match on only SPI if the receiver has
chosen to maintain a single SPI space for AH and ESP, and on
both SPI and protocol, otherwise. If an SAD entry matches,
then process the inbound packet with that matching SAD entry.
Otherwise, discard the packet and log an auditable event.
Does openswan the same?
Regards.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/dev/attachments/20110113/5a7294b2/attachment.html
More information about the Dev
mailing list