[Openswan Users] Openswan with Advanced Linux Routing

[Brendan Simon]

Paul Wouters wrote:
>> Does anyone know if OpenSWAN interroperates fully with the Linux IP
>> stack.  ie. will it work with multiple routing tables and the "ip
>> rules", etc ???
>>     
> I am not sure what you mean with "works with ip rule"?
>
> All routing changes are done by calling scripts, which you can customize.
>   
I am using multiple route tables (not the main route table).  I use the 
"ip rule" command to implement some source routing rules to choose the 
appropriate route table to use for routing.  The advanced routing is 
generally known as iproute2 (or iproute in Debian).

The commericial IPSec stack only interrogates the main table and does 
not look at other tables.  Effectively my ip rules are ignored as the 
IPSec stack is actually doing the routing based on the main linux 
routing table.  What I really want is for the IPSec stack to NOT do the 
routing, but pass the packets to the standard linux routing code.

Cheers,
Brendan.