[Swan] hidetos with NETKEY & VTI
Paul Wouters
paul at nohats.ca
Mon Oct 30 19:27:11 UTC 2017
On Mon, 30 Oct 2017, Craig Marker wrote:
> I’m interested in ‘unhiding’ TOS bits with a NETKEY VTI Libreswan setup. I see the ‘hidetos’ configuration value is specific to the KLIPS kernel configuration, is it available for the
> NETKEY VTI configuration?
It's not supported by our code. I'm not sure if XFRM has a way of
communicating this IPsec SA property to the kernel. If it does,
then we can surely add support for it.
Paul
More information about the Swan
mailing list