[Swan] hidetos with NETKEY & VTI

[Paul Wouters]

On Mon, 30 Oct 2017, Craig Marker wrote:

> I’m interested in ‘unhiding’ TOS bits with a NETKEY VTI Libreswan setup. I see the ‘hidetos’ configuration value is specific to the KLIPS kernel configuration, is it available for the
> NETKEY VTI configuration?

It's not supported by our code. I'm not sure if XFRM has a way of
communicating this IPsec SA property to the kernel. If it does,
then we can surely add support for it.

Paul