[prev in list] [next in list] [prev in thread] [next in thread] 

List:       strongswan-announce
Subject:    Re: [strongSwan-dev] development
From:       Suresh Kumar <sureshkumarr.s () gmail ! com>
Date:       2010-04-25 18:49:56
Message-ID: i2u7f05469e1004251149v12c57030g16b7313ad3f96a90 () mail ! gmail ! com
[Download RAW message or body]

[Attachment #2 (multipart/alternative)]


Hi Andreas,

Thanks for the information.
Now i have little understanding on the arch.
I have configured two linux hosts on IKEv1 based host- host tunnel (referred
the sample config from strongswan website)

>ipsec start
src file : src/starter/starter.c
this file internally calls the  pluto process( plutomain.c). plutomain.c
initializes the ipsec protocols for IKEv1.

>ipsec up <connection-name>
I am not sure , which file is doing the connection management.

But internally i understand src/pluto/ipsec_doi.c functions are used for the
IKEv1 transcations.

Which is the source file calls the IKEv1 functions (ipsec_doi functions) for
establish the IKEv1 based IPSEC tunnel?

Can you please give some light on this.

thanks
suresh






On Thu, Apr 22, 2010 at 6:58 PM, Andreas Steffen <
andreas.steffen@strongswan.org> wrote:

> Hi Suresh,
>
> there is no documentation at all available on the pluto architecture.
> Have a look at demux.c which parses incoming packets and ipsec_doi.c
> which handles the content of the IKEv1 messages. You'll find both
> files in the src/pluto directory.
>
> Regards
>
> Andreas
>
>
> On 22.04.2010 12:46, Suresh Kumar wrote:
>
>> Hi Andreas,
>> I am doing some research on the IKEv1 failure cases and how it can be
>> addressed by software itself. (Assumption: very minmal vpn configuration
>> to establish the IPSEC)
>> For that, I am using the strongswan pluto, and  currently testing the
>> IKEv1 failure cases in strongswan.
>> For Eg: Initiator is IKEv1(default) and responder is IKEv2(strictly
>> confugured) version.
>> This configuration,reponder doenst respond , initiator retransmits and
>> finally stops.
>> For this, try send IKEv2 packet and try..
>>
>> Do we have some documentation for pluto?
>> thansk
>> suresh
>>
>>
> ======================================================================
> Andreas Steffen                         andreas.steffen@strongswan.org
> strongSwan - the Linux VPN Solution!                www.strongswan.org
> Institute for Internet Technologies and Applications
> University of Applied Sciences Rapperswil
> CH-8640 Rapperswil (Switzerland)
> ===========================================================[ITA-HSR]==
>

[Attachment #5 (text/html)]

Hi Andreas,<br><br>Thanks for the information. <br>Now i have little understanding on \
the arch.<br>I have configured two linux hosts on IKEv1 based host- host tunnel \
(referred the sample config from strongswan website)<br> <br>&gt;ipsec start<br>src \
file : src/starter/starter.c <br>this file internally calls the  pluto process( \
plutomain.c). plutomain.c  initializes the ipsec protocols for \
IKEv1.<br><br>&gt;ipsec up &lt;connection-name&gt;<br> I am not sure , which file is \
doing the connection management.<br><br>But internally i understand \
src/pluto/ipsec_doi.c functions are used for the IKEv1 transcations. <br><br>Which is \
the source file calls the IKEv1 functions (ipsec_doi functions) for establish the \
IKEv1 based IPSEC tunnel?<br> <br>Can you please give some light on \
this.<br><br>thanks<br>suresh<br><br><br><br><br><br><br><div class="gmail_quote">On \
Thu, Apr 22, 2010 at 6:58 PM, Andreas Steffen <span dir="ltr">&lt;<a \
href="mailto:andreas.steffen@strongswan.org">andreas.steffen@strongswan.org</a>&gt;</span> \
wrote:<br> <blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, \
204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">Hi Suresh,<br> <br>
there is no documentation at all available on the pluto architecture.<br>
Have a look at demux.c which parses incoming packets and ipsec_doi.c<br>
which handles the content of the IKEv1 messages. You&#39;ll find both<br>
files in the src/pluto directory.<br>
<br>
Regards<br><font color="#888888">
<br>
Andreas</font><div class="im"><br>
<br>
On 22.04.2010 12:46, Suresh Kumar wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); \
margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"> Hi Andreas,<br>
I am doing some research on the IKEv1 failure cases and how it can be<br>
addressed by software itself. (Assumption: very minmal vpn configuration<br>
to establish the IPSEC)<br>
For that, I am using the strongswan pluto, and  currently testing the<br>
IKEv1 failure cases in strongswan.<br>
For Eg: Initiator is IKEv1(default) and responder is IKEv2(strictly<br>
confugured) version.<br>
This configuration,reponder doenst respond , initiator retransmits and<br>
finally stops.<br>
For this, try send IKEv2 packet and try..<br>
<br>
Do we have some documentation for pluto?<br>
thansk<br>
suresh<br>
<br>
</blockquote>
<br></div><div><div></div><div class="h5">
======================================================================<br>
Andreas Steffen                         <a \
href="mailto:andreas.steffen@strongswan.org" \
target="_blank">andreas.steffen@strongswan.org</a><br> strongSwan - the Linux VPN \
Solution!                <a href="http://www.strongswan.org" \
target="_blank">www.strongswan.org</a><br> Institute for Internet Technologies and \
Applications<br> University of Applied Sciences Rapperswil<br>
CH-8640 Rapperswil (Switzerland)<br>
===========================================================[ITA-HSR]==<br>
</div></div></blockquote></div><br>



_______________________________________________
Dev mailing list
Dev@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/dev

[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic