Hi,
> This is the latest set patches for netfilter IPsec support.
> The use of netif_rx for the innermost SA if it used transport
> mode has been replaced by explicit NF_HOOK calls in
> xfrm{4,6}_input.c.
Could you please describe the solution you implemented a bit more? There was
just so many back and forth that I'm confused now.
If I use it with iptables, do the transport mode packets go through INPUT and
OUTPUT twice, decrypted and encrypted?
If I use it with iptables, do the tunnel mode packets go through FORWARD or
INPUT and OUTPUT twice, decrypted and encrypted?
Can I do NAT in tunnel and transport mode?
what about the policy match patches, why are they only posted "for
completeness" and as 11/12 of 10? Aren't they ready yet?
Thanks for enlightment.
Kind regards,
Gerd
-
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
