Re: bin/47894: racoon w/NAT-T - pfkey update: wrong ports

To: SUENAGA Hiroki <hsuenaga%iij.ad.jp@localhost>, gnats-bugs%NetBSD.org@localhost, gnats-admin%netbsd.org@localhost, netbsd-bugs%netbsd.org@localhost
Subject: Re: bin/47894: racoon w/NAT-T - pfkey update: wrong ports
From: Egerváry Gergely <gergely%egervary.hu@localhost>
Date: Fri, 20 Jun 2014 10:42:52 +0200

> You say:
>   "kernel doesn't know its side of negotiation. racoon knows it, but
>   there is no API to send the side information to kernel."
> 
> Probably you should look into the Linuxized racoon code (and the Linux
> IPSec code, if required) how it is handled there.

This is the source of the Debianized racoon:

ftp://ftp.debian.org/debian/pool/main/i/ipsec-tools/ipsec-tools_0.8.2.orig.tar.gz
ftp://ftp.hu.debian.org/debian/pool/main/i/ipsec-tools/ipsec-tools_0.8.2-2.debian.tar.xz

It's the same as the NetBSD racoon in ~ 99 percent. The kernel part is
completely different, but the API should be the same.

Hope it helps.

-- 
Egerváry Gergely

Follow-Ups:
- Re: bin/47894: racoon w/NAT-T - pfkey update: wrong ports
  - From: Christos Zoulas
- Re: bin/47894: racoon w/NAT-T - pfkey update: wrong ports
  - From: SUENAGA Hiroki

References:
- Re: bin/47894: racoon w/NAT-T - pfkey update: wrong ports
  - From: Egerváry Gergely
- Re: bin/47894: racoon w/NAT-T - pfkey update: wrong ports
  - From: SUENAGA Hiroki
- Re: bin/47894: racoon w/NAT-T - pfkey update: wrong ports
  - From: Egerváry Gergely

Prev by Date: Re: bin/47894: racoon w/NAT-T - pfkey update: wrong ports
Next by Date: Re: bin/47894: racoon w/NAT-T - pfkey update: wrong ports
Previous by Thread: Re: bin/47894: racoon w/NAT-T - pfkey update: wrong ports
Next by Thread: Re: bin/47894: racoon w/NAT-T - pfkey update: wrong ports
Indexes:

Home | Main Index | Thread Index | Old Index