[Top] [All Lists]

Re: resend patch: xfrm policybyid

To: hadi@xxxxxxxxxx
Subject: Re: resend patch: xfrm policybyid
From: Patrick McHardy <kaber@xxxxxxxxx>
Date: Sun, 08 May 2005 17:23:57 +0200
Cc: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>, "David S. Miller" <davem@xxxxxxxxxxxxx>, netdev <netdev@xxxxxxxxxxx>
In-reply-to: <1115562643.19561.148.camel@localhost.localdomain>
References: <> <1115331436.8006.112.camel@localhost.localdomain> <> <1115342122.7660.25.camel@localhost.localdomain> <> <1115345403.7660.49.camel@localhost.localdomain> <> <1115380381.7660.123.camel@localhost.localdomain> <> <1115469496.19561.41.camel@localhost.localdomain> <> <1115562643.19561.148.camel@localhost.localdomain>
Sender: netdev-bounce@xxxxxxxxxxx
User-agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.7.7) Gecko/20050420 Debian/1.7.7-2
jamal wrote:
> On Sun, 2005-08-05 at 18:07 +1000, Herbert Xu wrote:
>>Please elaborate by giving an example of how the index is actually
>>used.  Sorry, but as it is I'm too thick to see your point :)
> I have given you enough info that i am concluding this is now becoming a
> debate for the sake of one;->
> Sorry, Herbert, I strongly disagree with your views on this topic. This
> is one of those moments when it becomes obvious there can be no
> compromise. So I am hoping that someone following this discussion or
> writing management apps would speak up.

Allowing the user to freely set indices breaks racoon:

#ifdef __linux__
        /* bsd skips over per-socket policies because there will be no
         * src and dst extensions in spddump messages. On Linux the only
         * way to achieve the same is check for policy id.
        if (xpl->sadb_x_policy_id % 8 >= 3) return 0;

So how could we handle this?


<Prev in Thread] Current Thread [Next in Thread>