Hello Daniel, > how can you ask the kernel what is the value of the ESP sequence > counter at anytime?
Have a look at the get_replay_state() function at [1], it gets the replay state from a kernel SA. We use it to adjust the replay state after updating addresses of an SA. Regards Martin [1]http://git.strongswan.org/?p=strongswan.git;a=blob;f=src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c#l1494 _______________________________________________ Dev mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/dev
