I am trying to create a security association using ip xfrm command, but
i get an message saying
"RTNETLINK answers: Function not implemented" and ip xfrm state
succeeds in displaying sa written using setkey .
ip xfrm state add src 192.168.1.20 dst 192.168.1.5 proto esp spi
0x354cb04b mode tunnel reqid 16385 replay-window 32 auth hmac
0xecf02a5cf6568556e1bdcd961c7ec3f92afd01cc enc cbc
0x5c0cfa9672ce67ba545b593076dfb278 sel src 0.0.0.0/0 dst 0.0.0.0/0
ERROR message => "RTNETLINK answers: Function not implemented"
Timo Teräs wrote:
If I make the following change will it solve
my purpose has described below
Changes to be made:
in function pfkey_sockaddr_fill() in file net/key/af_key.c
-- sin->sin_port = port;
++ sin->sin_port = sa->sin_port;
That's a kernel side change. Your request is better suited for linux
networking mailing list. Though, I'm almost certain that this won't be
accepted. They intentionally zero out the port for legacy reasons.
You are of course free to run your modified kernel. But you are stuck
keeping the change locally.