Hi,
Is there a reason why the policies that are defined as unique can't be updated
through the pfkey interface?
What I'm trying to do is that:
1. I create SP entry and let the kernel assign a request id for policy (reqid
in the add is 0). This policy is a tunnel mode policy and I don't have the
outer addresses set at this point. Only the inner addresses are set so I'll
get the SADB_AQUIRE message with the inner addresses.
2. When my keying daemon get's the acquire from the kernel I run the key
exchange and then I send update to the SP with previously gotten reqid and
with outer addresses but it fails and kernel prints out:
"key_msg2sp: reqid=16384 range violation, updated by kernel."
This message comes from the sys/netkey/key.c:1488. It's obvious when I'm
adding a new SP entry that this check is done but when updating the SP
shouldn't it just check that the value given in update matches the one
assigned earlier?
Cheers,
Jan
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
