| To: | Aidas Kasparas <a.kasparas@xxxxxx> |
|---|---|
| Subject: | Re: [Ipsec-tools-devel] ipv4/ipv6 forwarding check |
| From: | Michal Ludvig <michal@xxxxxxxx> |
| Date: | Fri, 29 Oct 2004 11:27:38 +0200 (CEST) |
| Cc: | Joy Latten <latten@xxxxxxxxxxxxxx>, ipsec-tools-devel@xxxxxxxxxxxxxxxxxxxxx, netdev@xxxxxxxxxxx |
| In-reply-to: | <4181EBC3.3020507@xxxxxx> |
| References: | <200410300506.i9U56Yse005815@xxxxxxxxxxxxxxxxxxxx> <4181EBC3.3020507@xxxxxx> |
| Sender: | netdev-bounce@xxxxxxxxxxx |
On Fri, 29 Oct 2004, Aidas Kasparas wrote: > 1) push kernel developers to have rfc2401 semantics in kernel; > 1a) have pfkey kernel part transform rfc2401 semantics into kernel > semantics; > 2) have libpfkey generate extra policies transparently to the user; > 3) have tools (setkey and racoon) generate extra policies > transparently to the user; > 4) extend setkey's syntax to make explicit forward policy management > possible and write docs for all the admins to change policies. At least we must provide #4 - now it doesn't work at all, with explicit fwd policies things could be set up in most cases except for policy autogeneration in racoon. I hope to do the setkey part today. Michal Ludvig -- * A mouse is a device used to point at the xterm you want to type in. * Personal homepage - http://www.logix.cz/michal |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | Re: [PATCH] 802.1Q VLAN, Tommy Christensen |
|---|---|
| Next by Date: | [RFC][PATCH 0/3] net: generic netdev_ioaddr, Pekka Enberg |
| Previous by Thread: | Re: [Ipsec-tools-devel] ipv4/ipv6 forwarding check, Aidas Kasparas |
| Next by Thread: | [RFC][PATCH 0/3] net: generic netdev_ioaddr, Pekka Enberg |
| Indexes: | [Date] [Thread] [Top] [All Lists] |