Re: Ipsec - PF_KEY and set_policy
- From: blue <susan.lan@xxxxxxxxxxxx>
- Date: Thu, 26 Jul 2007 08:13:02 +0800
As far as I know, setkey is used for IPsec SP and SA configuration. ipsec_set_policy() could transfer a string to "policy request", which is defined in RFC 2367 PF_KEY. Internally, setkey() will call ipsec_set_policy() to construct the message then send it down to the kernel. However, ipsec_set_policy() is used only for SP, not SA.
blue
aditya kiran wrote:
Hi,
I was just trying to understand PF_KEY interface for ipsec settings. So,
setkey uses it to do that. but i could find another system call -
ipsec_set_policy. Could any body let me know why there are two interfaces to
configure ipsec?
Thanks,
Aditya
_______________________________________________
freebsd-net@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscribe@xxxxxxxxxxx"
_______________________________________________
freebsd-net@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscribe@xxxxxxxxxxx"
- Follow-Ups:
- Re: Ipsec - PF_KEY and set_policy
- From: George V. Neville-Neil
- Re: Ipsec - PF_KEY and set_policy
- References:
- Ipsec - PF_KEY and set_policy
- From: aditya kiran
- Ipsec - PF_KEY and set_policy
- Prev by Date: 3com 3c905c-tx Fast Etherlink Xl
- Next by Date: SADB_X_SPDFLUSH message handling for latest version of IPsec
- Previous by thread: Ipsec - PF_KEY and set_policy
- Next by thread: Re: Ipsec - PF_KEY and set_policy
- Index(es):
Relevant Pages
|
|
