#86 decapsulated packet not checked against policy

[Robert Story]

an incoming encrypted packet is decapsulated and
accepted withough checking to see if the sa used to
decapsulate it met acceptable policy.

This is a hard problem to solve, as there currently is
no method of correlating SADB entries with rules/actions.