I am trying to set up ipsec esp tunnel with nat-traversal but without using racoon (I do my own key exchange based on MQV). I know that I need to create UDP socket in userspace and set it's UDP_ENCAP type. But because it didn't work I did "strace racoon" to see what had I missed. What I saw was:
setsockopt(sock, SOL_IP, 0x10 /* IP_??? */, "\2\0\22\0\4\0\1\0\0\0\0\0\0\0\0\200", 16);
setsockopt(sock, SOL_IP, 0x10 /* IP_??? */, "\2\0\22\0\4\0\2\0\0\0\0\0\0\0\0\200", 16);
After applying this to my program nat-traversal started to work. So everything is fine but those two lines are magic for me. Can someone explain me what is happening there? I cannot find any information, even 0x10 isn't defined as any human-readable parameter.