[Top] [All Lists]

Re: take 2 WAS(Re: PATCH: IPSEC xfrm events

To: jamal <hadi@xxxxxxxxxx>
Subject: Re: take 2 WAS(Re: PATCH: IPSEC xfrm events
From: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Date: Mon, 4 Apr 2005 11:01:14 +1000
Cc: Patrick McHardy <kaber@xxxxxxxxx>, Masahide NAKAMURA <nakam@xxxxxxxxxxxxxx>, "David S. Miller" <davem@xxxxxxxxxxxxx>, netdev <netdev@xxxxxxxxxxx>
In-reply-to: <1112469601.1088.173.camel@jzny.localdomain>
References: <> <1112353398.1096.116.camel@jzny.localdomain> <> <1112358278.1096.160.camel@jzny.localdomain> <> <1112403845.1088.14.camel@jzny.localdomain> <> <1112406164.1088.54.camel@jzny.localdomain> <> <1112469601.1088.173.camel@jzny.localdomain>
Sender: netdev-bounce@xxxxxxxxxxx
User-agent: Mutt/1.5.6+20040907i
On Sat, Apr 02, 2005 at 02:20:01PM -0500, jamal wrote:
> 1) Weve discussed this before Herbert and i think you misspoke that
> pfkey delivers to all listerners.
> pfkey Add/del/upd now really do tell all processes about what happened.
> Before pfkey would skip the originating process. So far this doesnt seem
> to be an issue in the basic testing.

Are you sure? Previously they did BROADCAST_ALL which goes to everyone
including the sender.

> 2) I ended adding a policy_notify to the pfkey manager to make the code
> generic. Interesting thing is i dont think pfkey knows what to do with 
> policy expiration or i am misreading the code.

That's right, pfkey never had policy expire messages.  In general,
anything to do with policies cannot be done portably in pfkey since
the RFC only specified the SA operations.

Visit Openswan at
Email: Herbert Xu ~{PmV>HI~} <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page:
PGP Key:

<Prev in Thread] Current Thread [Next in Thread>