> We are not using a custom kernel backend. Our application uses the > netlink socket interface and sets-up the cryptographic HW engine with > SA events from strongSwan.
While you are using the kernel-netlink plugin and the Netlink XFRM interface, you are probably not using a vanilla Linux XFRM IPsec stack, are you? I don't know anything of your kernel-backend, but in the end you'll just have to respond appropriately to the XFRM_MSG_GETSA/XFRM_MSG_GETPOLICY requests with SA usage information. Regards Martin _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
