| Age | Commit message (Collapse) | Author |
|---|
|
non-root userland process, under certain routing table setup.
http://orange.kame.net/dev/query-pr.cgi?pr=217
|
|
the hack tries to respect ifa or ifp passed to RTM_ADD. However, the change
broke certain link-layers. They include:
- midway ethernet card (en*), which uses sockaddr_dl in gateway portion
to pass PVC information. with the patch, the gateway portion will be
overwritten by empty sockaddr_dl and PVC initialization will fail.
- IPv6, which can't set static ND table with the patch (ndp -s) with the
similar reason.
There may be improved hack coming soon, hope the new one does not break others.
|
|
|
|
replaces NRL IPv6 layer. reuses NRL pcb layer. no IPsec-on-v6 support.
see sys/netinet6/{TODO,IMPLEMENTATION} for more details.
GENERIC configuration should work fine as before. GENERIC.v6 works fine
as well, but you'll need KAME userland tools to play with IPv6 (will be
bringed into soon).
|
|
|
|
draft-mcdonald-simple-ipsec-api, kernel notifies (EMT_REQUESTSA) signal
userland key management applications when security services are requested.
this is only for outgoing connections at the moment, incoming packets
are not yet checked against the selected socket policy.
|
|
|
|
|
|
|
|
|
|
|
