[prev in list] [next in list] [prev in thread] [next in thread]
List: ipsec
Subject: [Ipsec] Issue on PF_KEY vs. Netlink interface
From: Park Lee <parklee_sel () yahoo ! com>
Date: 2004-11-26 9:56:04
Message-ID: 20041126095604.62148.qmail () web51505 ! mail ! yahoo ! com
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
Hi,
I'm learning native IPsec in Linux kernel 2.6. and use IPsec-Tools as my \
user-space tools. In net/key/af_key.c, there are something about PF_KEY as follows:
static struct xfrm_mgr pfkeyv2_mgr =
{
.id = "pfkeyv2",
.notify = pfkey_send_notify,
.acquire = pfkey_send_acquire,
.compile_policy = pfkey_compile_policy,
.new_mapping = pfkey_send_new_mapping,
};
static int pfkey_send_acquire(struct xfrm_state *x, struct xfrm_tmpl *t, struct \
xfrm_policy *xp, int dir)
In net/xfrm/xfrm_user.c, there are also something about Netlink as follows:
static struct xfrm_mgr netlink_mgr = {
.id = "netlink",
.notify = xfrm_send_state_notify,
.acquire = xfrm_send_acquire,
.compile_policy = xfrm_compile_policy,
.notify_policy = xfrm_send_policy_notify,
};
static int xfrm_send_acquire(struct xfrm_state *x, struct xfrm_tmpl *xt,
struct xfrm_policy *xp, int dir)
Then, when kernel send a message to racoon for setting up a SA, What \
interface(i.e. PF_KEY or Netlink) indeed is used to send such a message? (i.e. Does \
it use pfkey_send_acquire() or xfrm_send_acquire()? ) And, What is the relationship \
between PF_KEY and Netlink in Linux kernel, when we use IPsec?
Thank you.
--
Best Regards,
Park Lee <parklee_sel@yahoo.com>
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
[Attachment #5 (text/html)]
<DIV>Hi,<BR> I'm learning native IPsec in Linux kernel 2.6. and use \
IPsec-Tools as my user-space tools.<BR> In net/key/af_key.c, there \
are something about PF_KEY as follows:</DIV> <DIV>static struct xfrm_mgr pfkeyv2_mgr \
=<BR>{<BR> \
.id = \
"pfkeyv2",<BR> \
.notify = \
pfkey_send_notify,<BR> \
.acquire = \
pfkey_send_acquire, \
<BR> .compile_policy = \
pfkey_compile_policy,<BR> \
.new_mapping = pfkey_send_new_mapping,<BR>};</DIV> <DIV>static int \
pfkey_send_acquire(struct xfrm_state *x, struct xfrm_tmpl *t, struct xfrm_policy *xp, \
int dir)</DIV> <DIV> </DIV>
<DIV> In net/xfrm/xfrm_user.c, there are also something about \
Netlink as follows:</DIV> <DIV>static struct xfrm_mgr netlink_mgr = \
{<BR> \
.id = \
"netlink",<BR> \
.notify = \
xfrm_send_state_notify,<BR> \
.acquire = \
xfrm_send_acquire,<BR> .compile_policy = \
xfrm_compile_policy,<BR> \
.notify_policy = xfrm_send_policy_notify,<BR>};</DIV> <DIV>static int \
xfrm_send_acquire(struct xfrm_state *x, struct xfrm_tmpl \
*xt,<BR> \
\
struct xfrm_policy *xp, int dir)</DIV> <DIV> </DIV>
<DIV> Then, when kernel send a message to racoon for setting \
up a SA, What interface(i.e. PF_KEY or Netlink) indeed is used to send such a \
message? (i.e. Does it use pfkey_send_acquire() or xfrm_send_acquire()? \
)<BR> And, What is the relationship between PF_KEY and Netlink in \
Linux kernel, when we use IPsec?</DIV> <DIV> </DIV>
<DIV> Thank you.</DIV>
<DIV> </DIV><BR><BR><DIV>
<DIV>
<DIV>
<DIV>
<DIV>
<DIV>--<BR>Best Regards,<BR>Park Lee <<A \
href="http://us.f515.mail.yahoo.com/ym/Compose?To=parklee_sel@yahoo.com&YY=1156&order=down&sort=date&pos=0"><FONT \
color=#003399>parklee_sel@yahoo.com</FONT></A>> </DIV> \
<DIV> </DIV></DIV></DIV></DIV></DIV></DIV><p>__________________________________________________<br>Do \
You Yahoo!?<br>Tired of spam? Yahoo! Mail has the best spam protection around \
<br>http://mail.yahoo.com
_______________________________________________
Ipsec mailing list
Ipsec@ietf.org
https://www1.ietf.org/mailman/listinfo/ipsec
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic