[Openswan Users] XFRM policy Update event for Inbound Policy
Herbert Xu
herbert at gondor.apana.org.au
Wed May 6 05:32:12 EDT 2009
On Tue, May 05, 2009 at 11:45:56AM -0400, Paul Wouters wrote:
> On Tue, 5 May 2009, krishna murthy wrote:
>
> (CC:ed Herbert, since he probably knows this code best, and bumping to dev at openswan.org)
>
> > I am looking for Policy update notifications from the XFRM during the IPSec Re-keying. I look for the "XFRM_MSG_UPDPOLICY" event. The issue I see is that i Only get Policy updates for the Outbound Policies and not for the Inbound. Below is the dump of " ip xfrm monitor"
> >
> > Updated src 9.1.1.0/24 dst 11.0.0.0/8
> > dir out priority 2360
> > tmpl src 192.168.10.1 dst 192.168.10.2
> > proto esp reqid 16385 mode tunnel
> >
> > never i see a policy update for the "dir=in". Please let me know if i am missing something.
We don't need to update policies when rekeying since the policies
haven't changed. The outbound policy gets updated only because
that was the easiest way of getting Openswan to work on Linu.x
Cheers,
--
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <herbert at gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
More information about the Users
mailing list