[Swan] question about templates
Kevin Wilson
wkevils at gmail.com
Mon Aug 12 23:13:34 EEST 2013
Hello
After starting the librewan daemon (only on one side) and running
ip xfrm policy show
I get:
src 192.168.2.10/32 dst 192.168.2.7/32
dir out priority 2080 ptype main
tmpl src 0.0.0.0 dst 0.0.0.0
My question is about templates (tmpl): what are they fore ? Is there a
way to define
/etc/ipsec.conf (or some other way) so that we will have more than one
template in an XFRM policy ?
I looked inside the kernel code and I see that struct xfrm_policy has
up to 6 templates:
struct xfrm_policy {
...
struct xfrm_tmpl xfrm_vec[XFRM_MAX_DEPTH];
...
};
(XFRM_MAX_DEPTH is 6)
(include/net/xfrm.h)
I know that this is not a kernel mailing list, but I would appreciate
if someone could elaborate on the meaning of template (in userspace
mostly and in kernel)\
regards,
Kevin
More information about the Swan
mailing list