[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
(usagi-users 03124) Issues on calling racoon in Linux kernel 2.6
- To: ipsec-tools-devel@xxxxxxxxxxxxxxxxxxxxx
- Subject: (usagi-users 03124) Issues on calling racoon in Linux kernel 2.6
- From: Park Lee <parklee_sel@xxxxxxxxx>
- Date: Thu, 18 Nov 2004 08:35:50 -0800 (PST)
- Cc: usagi-users@xxxxxxxxxxxxxx
- Comment: DomainKeys? See http://antispam.yahoo.com/domainkeys
- Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; b=VFmeAN0geKSMHM7KO/drIDZ9sONj2HhI9S60wuDEQHMQcjVAtxiaCYarR3RgSNbosxQ07nlpz2sPFCzKM2DtcrZ+4EytC3mFdgHeOwo/UaCTflJKfmUwJy79fX/fIZikli+Jo6MQsuusKmUh/qI7aiPgd9685MQz/MWtytuq3+k= ;
- Reply-to: usagi-users@xxxxxxxxxxxxxx
- Resent-date: Fri, 19 Nov 2004 13:00:02 +0900
- Resent-from: sekiya@xxxxxxxxxxxxxx
- Resent-message-id: <200411191300.FMLAAB18580.usagi-users@linux-ipv6.org>
- Resent-to: usagi-users@xxxxxxxxxxxxxx (moderated)
Hi,
I'm now learning native IPsec in Linux kernel 2.6, I use IPsec-Tools as the user-space tools for it.
We know that racoon in IPsec-Tools is able to setup automatically keyed IPsec connections. In order to use automatically keyed IPsec connection, we need to define security policies without the appropiate security associations. Whenever the Linux kernel needs to protect a packet according to the security policies and when no security association is available, the Linux kernel calls racoon and asks for
the required security associations.
Then, Where is the code in the source code of Linux kernel 2.6 to call racoon? When kernel calls racoon, can it transfer some additional attributes to racoon (so that racoon can finally setup a IPsec SA with these additional attributes) ?
Thanks,
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com