[Openswan dev] Relation between Security association and Security policy table in Linux2.6(Native IPSec Stack)
SaRaVanAn
saravanan.nagarajan87 at gmail.com
Wed Nov 2 06:26:58 EDT 2011
Hi team,
I need to know which parameter tells the kernel that "this particular
security policy correponds to this particular security association".
I could not able to track the common parameter between security polciy and
security association corresponds to a tunnel.
*Is it possible to explain how a SA is attached to SP?*
struct xfrm_usersa_info {
struct xfrm_selector sel;
struct xfrm_id id;
xfrm_address_t saddr;
struct xfrm_lifetime_cfg lft;
struct xfrm_lifetime_cur curlft;
struct xfrm_stats stats;
uint32_t seq;
uint32_t reqid;
uint16_t family;
uint8_t mode; /* 0=transport,1=tunnel */
uint8_t replay_window;
uint8_t flags;
#define XFRM_STATE_NOECN 1
#define XFRM_STATE_AF_UNSPEC 32
};
struct xfrm_userpolicy_info {
struct xfrm_selector sel;
struct xfrm_lifetime_cfg lft;
struct xfrm_lifetime_cur curlft;
uint32_t priority;
uint32_t index;
uint8_t dir;
uint8_t action;
#define XFRM_POLICY_ALLOW 0
#define XFRM_POLICY_BLOCK 1
uint8_t flags;
#define XFRM_POLICY_LOCALOK 1 /* Allow user to override global policy */
uint8_t share;
};
Regards,
Saravanan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/dev/attachments/20111102/0d1b2519/attachment.html
More information about the Dev
mailing list