[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: PF_KEY socket code examples

To: rob frohwein <rob@frohwein.xs4all.nl>, ipsec@lists.tislabs.com
Subject: Re: PF_KEY socket code examples
From: Parijat Mishra <parijat@cwc.nus.edu.sg>
Date: Mon, 6 May 2002 09:45:51 +0800
In-Reply-To: <3CD4CB14.EF621859@frohwein.xs4all.nl>
Organization: CWC
References: <3CD4CB14.EF621859@frohwein.xs4all.nl>
Reply-To: parijat@cwc.nus.edu.sg
Sender: owner-ipsec@lists.tislabs.com

On Sunday 05 May 2002 14:03, rob frohwein wrote:
  > Does anyone maybe has some code examples that demonstrate
  > how to specify and read SPDs and SAa via socket( ....,PFKEY) ??

The PFKEY interface as specified in RFC2367 only allows one to 
read/write to the SADB, not SPD. However, some IPSec implementations 
have created extensions to allow the specification of SPD entries as 
well.

In any case, good starting points would be the FreeS/WAN project 
(www.freeswan.org) and the IPSec implementation withing the USAGI 
project (www.linux-ipv6.org).  Both contain extensions to the base 
PFKEY interface to deal with SPDs, SA groups and stuff, and differ 
from each other.  Another place should be the KAME project's 
implementation -- but I am not a BSD user and do not know much about 
it.

-- 
Sincerely,
Parijat Mishra
R & D Engineer,
Institute for Communications Research
Tel: (65)68709353

References:
- PF_KEY socket code examples
  - From: rob frohwein <rob@frohwein.xs4all.nl>

Prev by Date: PF_KEY socket code examples
Next by Date: Re: Ikev2 IKE-SA rekey collision
Prev by thread: PF_KEY socket code examples
Next by thread: IKE and Legacy A.S
Index(es):
- Date
- Thread