Tobias Brunner
f3bb1bd039
Fixed common misspellings.
...
Mostly found by 'codespell'.
2011-07-20 16:14:10 +02:00
Tobias Brunner
17927ca615
Record usage history of policies in PF_KEY kernel interface.
...
The implementation is nearly the same as in the Netlink kernel interface.
2011-07-06 12:56:34 +02:00
Tobias Brunner
108357b106
Some code cleanup in PF_KEY kernel interface.
2011-07-06 09:43:46 +02:00
Tobias Brunner
328f22e1d3
Add the reqid to kernel_ipsec_t.del_policy.
2011-07-06 09:43:45 +02:00
Tobias Brunner
3ee8fed445
Cache the most recent reqid in the PF_KEY kernel interface.
...
This makes the PF_KEY kernel interface behave the same as the Netlink
kernel interface.
2011-07-06 09:43:45 +02:00
Andreas Steffen
06b5b61838
install PASS and DROP shunt policies via PFKEYv2 interface
2011-07-05 21:57:45 +02:00
Martin Willi
14bf2f689d
Use CRITICAL job priority class for long running dispatcher jobs
2011-05-16 15:24:15 +02:00
Martin Willi
4876d4f3b3
Added an esn parameter to the kernel interface add_sa functions
2011-04-20 12:26:57 +02:00
Andreas Steffen
e3504d6011
added missing tfc argument to kernel_pfkey_ipsec interface
2010-12-27 05:53:36 +01:00
Tobias Brunner
e6f42b0721
Include the destination net in the policy priority calculation.
...
The resulting priorities are as follows:
IPv6 IPv4
routed normal routed normal
max 4096(+3) 2048(+3) 4096(+3) 2048(+3)
min 3072 1024 3840 1792
Where min is for a policy between two single hosts and max is
for /0 on both ends (lower priorities are preferred by the kernel).
(+3) applies for cases where no protocol and no ports are defined.
2010-12-07 12:14:50 +01:00
Tobias Brunner
b8bf01ddee
Do not install routes for pluto.
...
There are some incompatibilities with e.g. passthrough policies.
Pluto installs required source routes via updown script.
2010-09-02 19:04:24 +02:00
Tobias Brunner
06cdeac25f
Charon specific strongswan.conf options generalized.
2010-09-02 19:04:22 +02:00
Tobias Brunner
34cf6def83
Fixing installation of trap policies (SPI=0) in kernel interface.
2010-09-02 19:04:21 +02:00
Tobias Brunner
bd7a2f3bfc
Added an option to specify the type of a policy to kernel_ipsec.add_policy.
...
This will later allow us to support pluto's passthrough and drop
policies in charon.
2010-09-02 19:04:19 +02:00
Tobias Brunner
b4872c1e09
Replaced the protocol argument in add_policy with an optional SPI for an AH SA.
2010-09-02 19:04:19 +02:00
Tobias Brunner
bb381e26c6
Refer to scheduler and processor via lib and not hydra.
2010-09-02 19:04:18 +02:00
Tobias Brunner
062a602216
Moved all kernel plugins to libhydra.
2010-09-02 19:01:26 +02:00