From: David Woodhouse <dw...@infradead.org> Date: Sun, 01 Feb 2015 13:33:50 +0000
> Of course, now I'm looking closely at the path these packets take to
> leave the box, it starts to offend me that they're being passed up to
> userspace just to encrypt them (as DTLS or ESP) and then send them back
> down to the kernel on a UDP socket. The kernel already knows how to
> {en,de}crypt ESP, and do the sequence number checking on incoming
> packets.
It's funny, I thought we had an IPSEC stack....
