Ipsec - PF_KEY and set_policy
blue
susan.lan at zyxel.com.tw
Thu Jul 26 00:13:03 UTC 2007
As far as I know, setkey is used for IPsec SP and SA configuration.
ipsec_set_policy() could transfer a string to "policy request", which is
defined in RFC 2367 PF_KEY. Internally, setkey() will call
ipsec_set_policy() to construct the message then send it down to the
kernel. However, ipsec_set_policy() is used only for SP, not SA.
blue
aditya kiran wrote:
> Hi,
> I was just trying to understand PF_KEY interface for ipsec settings. So,
> setkey uses it to do that. but i could find another system call -
> ipsec_set_policy. Could any body let me know why there are two
> interfaces to
> configure ipsec?
> Thanks,
> Aditya
> _______________________________________________
> freebsd-net at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net-unsubscribe at freebsd.org"
>
More information about the freebsd-net
mailing list