Hi.
I'm working on some tools that watch IPsec activity in the kernel
out-of-band by opening an Netlink socket and watching for XFRM messages.
I'm trying to understand which messages (XFRM_MSG_NEWSA, XFRM_MSG_UPDSA,
XFRM_MSG_EXPIRE, XFRM_MSG_DELSA) occur when, and how to deconstruct the
messages and grovel out the interesting fields.
Is there a useful writeup on the messages and when/how they are generated?
I tried running "ip xfrm monitor" while bringing up/taking down some
tunnels, but it wasn't as straight-forward as I had hoped.
Any useful pointers appreciated.
Thanks,
-Philip
_______________________________________________
Dev mailing list
[email protected]
https://lists.strongswan.org/mailman/listinfo/dev
