[Openswan Users] ipsec userland restart

[Paul Wouters]

On Tue, 27 May 2008, hiren joshi wrote:

> I do not want to use `ipsec whack shutdown` as this doesn't notify the peer
> about removing the SAs.
> I am thinking about bypassing the rmmod/insmod work done in _realsetup +
> _startklips for ipsec restart.
> Is it the right way to go (Is it mandatory to load/unload ipsec.ko whenever
> ipsec restarts)?

That should be fine (assuming no bugs), as we do attempt to clear out
any kernel state on shutdown and clear the state on start. Obviously
reloading the module garantees us a clean state to start with.

Paul

-- 
Building and integrating Virtual Private Networks with Openswan:
http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155