This patch changes racoon to generate forward policies
if required (with tunnel mode SA). Linux uses these for
policy checks of forwarded packets, instead of inbound
policies. The patch is not complete, it doesn't check
for a forward policy in get_proposal_r because without
a proposal it can't be determined if it is needed. Maybe
someone more familiar with racoon than me can use this as
a starting point for a complete patch. 2.6.9-bk will drop
forwarded packets from a tunnel-mode SA when no forward
policy is present.
Get latest updates about Open Source Projects, Conferences and News.