Hi there, We are currently (still) using openswan, but will shortly be migrating over to libreswan. I suspect this question is generic and relevant to both, so I'm sending it to this list.
We make use of firewall marks quite extensively, more so as time has gone by, and now we have issues whereby KLIPS is asserting its own marks. This is proving to be a real problem, since marks are used for critical things like policy routing etc. 1. What functionality does the usage of these marks give KLIPS? 2. If it is minor, is it possible to disable this functionality either at configure time or compile time? 3. I notice that there is a kernel patch: (0001-SAREF-add-support-for-SA-selection-through-sendmsg.patch) which appears to move the useage of marks to a dedicated field in the sockbuf. Is applying this patch to our kernel tree, enabling the new option and rebuilding swan/klips enough to stop KLIPS from using firewall marks? Thanks! -- Lawrence Manning Founder & Developer *smoothwall* [email protected] www.smoothwall.com Head Office : 1 John Charles Way, Leeds, LS12 6QA, United Kingdom Tech Office : Eagle Point, Litte Park Farm Road, Fareham, PO15 5TD, United Kingdom US Office : 8008 Corporate Center Dr #410, Charlotte, NC 28226, United States Telephone: UK: +44 870-199-9500 US: +1 800-959-3760 <https://www.facebook.com/smoothwall?ref=hl> [image: http://s3-eu-west-1.amazonaws.com/smoothwallweb/twitter.png] <https://twitter.com/Smoothwall> [image: http://s3-eu-west-1.amazonaws.com/smoothwallweb/googleplus.png] <https://plus.google.com/u/0/105975318877636922166/posts> [image: circle_test] <http://smoothwall.uservoice.com/forums/145832-general> [image: linkedin_test] <https://www.linkedin.com/company/smoothwall-ltd> Smoothwall Limited is registered in England, Company Number: 4298247 and whose registered address is 1 John Charles Way, Leeds, LS12 6QA United Kingdom. This email and any attachments transmitted with it are confidential to the intended recipient(s) and may not be communicated to any other person or published by any means without the permission of Smoothwall Ltd. Any opinions stated in this message are solely those of the author.
_______________________________________________ Swan mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan
