On Fri, 2005-04-01 at 20:46, Herbert Xu wrote:
> On Fri, Apr 01, 2005 at 08:42:45PM -0500, jamal wrote:
> >
> > So always go v2?
>
> Yes since that's the only version that the kernel knows how to generate.
Ok, heres a general patch first cut i think i got all that was discussed
in there. ive done some basic 5 minutes tests on.
Once we have agreement i will pass it on to Masahide-san to do more
thorough testing.
Look at the XXX comments in the patch.
A couple of interesting things:
1) Weve discussed this before Herbert and i think you misspoke that
pfkey delivers to all listerners.
pfkey Add/del/upd now really do tell all processes about what happened.
Before pfkey would skip the originating process. So far this doesnt seem
to be an issue in the basic testing.
2) I ended adding a policy_notify to the pfkey manager to make the code
generic. Interesting thing is i dont think pfkey knows what to do with
policy expiration or i am misreading the code.
I dont see any message type for policy expiration as i do for sa
expiration. Ive put some hooks and a little noise. I could remove the
printks - for now they are just place holders.
cheers,
jamal
ipsec-event-take2
Description: Text document
|