This repository has been archived on 2022-02-17. You can view files and clone it, but cannot push or open issues or pull requests.

Masahide NAKAMURA 157bfc2502 [XFRM]: Restrict upper layer information by bundle. ... On MIPv6 usage, XFRM sub policy is enabled. When main (IPsec) and sub (MIPv6) policy selectors have the same address set but different upper layer information (i.e. protocol number and its ports or type/code), multiple bundle should be created. However, currently we have issue to use the same bundle created for the first time with all flows covered by the case. It is useful for the bundle to have the upper layer information to be restructured correctly if it does not match with the flow. 1. Bundle was created by two policies Selector from another policy is added to xfrm_dst. If the flow does not match the selector, it goes to slow path to restructure new bundle by single policy. 2. Bundle was created by one policy Flow cache is added to xfrm_dst as originated one. If the flow does not match the cache, it goes to slow path to try searching another policy. Signed-off-by: Masahide NAKAMURA <nakam@linux-ipv6.org> Signed-off-by: David S. Miller <davem@davemloft.net>		2007-04-30 00:58:09 -07:00
..
Kconfig	[PFKEYV2]: CONFIG_NET_KEY_MIGRATE option	2007-02-08 13:15:05 -08:00
Makefile	[XFRM]: Extract common hashing code into xfrm_hash.[ch]	2006-09-22 15:08:49 -07:00
xfrm_algo.c	[NET]: Revert sk_buff walker cleanups.	2007-04-27 15:21:23 -07:00
xfrm_hash.c	[XFRM]: Extract common hashing code into xfrm_hash.[ch]	2006-09-22 15:08:49 -07:00
xfrm_hash.h	[XFRM] STATE: Use destination address for src hash.	2006-10-04 00:31:02 -07:00
xfrm_input.c	[SK_BUFF]: Introduce skb_transport_header(skb)	2007-04-25 22:25:31 -07:00
xfrm_policy.c	[XFRM]: Restrict upper layer information by bundle.	2007-04-30 00:58:09 -07:00
xfrm_state.c	[XFRM]: Export SAD info.	2007-04-26 00:10:29 -07:00
xfrm_user.c	[XFRM]: Export SPD info	2007-04-28 21:20:32 -07:00