RE: port bound SAs

(off-list ancestor, not in this archive)
port bound SAs · Paul Moore <hidden> · 2009-01-26
Re: port bound SAs · David Miller <davem@davemloft.net> · 2009-01-27
Re: port bound SAs · Patrick McHardy <hidden> · 2009-01-27
RE: port bound SAs · Paul Moore <hidden> · 2009-01-27
Re: port bound SAs · Patrick McHardy <hidden> · 2009-01-27
RE: port bound SAs · Paul Moore <hidden> · 2009-01-27
Re: port bound SAs · Patrick McHardy <hidden> · 2009-01-27
RE: port bound SAs · Paul Moore <hidden> · 2009-01-27
Re: port bound SAs · David Miller <davem@davemloft.net> · 2009-01-27
RE: port bound SAs · Paul Moore <hidden> · 2009-01-27
Re: port bound SAs · Patrick McHardy <hidden> · 2009-01-27
RE: port bound SAs · Paul Moore <hidden> · 2009-01-27
Re: port bound SAs · Patrick McHardy <hidden> · 2009-01-27
RE: port bound SAs · Paul Moore <hidden> · 2009-01-27
Re: port bound SAs · Patrick McHardy <hidden> · 2009-01-27
RE: port bound SAs · Paul Moore <hidden> · 2009-01-28
Re: port bound SAs · Patrick McHardy <hidden> · 2009-01-28
RE: port bound SAs · Paul Moore <hidden> · 2009-01-28
Re: port bound SAs · Patrick McHardy <hidden> · 2009-01-28
RE: port bound SAs · Paul Moore <hidden> · 2009-01-28
Re: port bound SAs · Herbert Xu <herbert@gondor.apana.org.au> · 2009-01-30
xfrm selector generating IKE · Paul Moore <hidden> · 2009-02-24
Re: xfrm selector generating IKE · Herbert Xu <herbert@gondor.apana.org.au> · 2009-02-24
RE: xfrm selector generating IKE · Paul Moore <hidden> · 2009-02-24
Re: xfrm selector generating IKE · Herbert Xu <herbert@gondor.apana.org.au> · 2009-02-25
RE: xfrm selector generating IKE · Paul Moore <hidden> · 2009-02-25
Re: xfrm selector generating IKE · Herbert Xu <herbert@gondor.apana.org.au> · 2009-02-25
RE: xfrm selector generating IKE · Paul Moore <hidden> · 2009-02-25
Re: xfrm selector generating IKE · Herbert Xu <herbert@gondor.apana.org.au> · 2009-02-25
RE: port bound SAs · Paul Moore <hidden> · 2009-01-29
RE: port bound SAs · Paul Moore <hidden> · 2009-01-27

From: Paul Moore <hidden>
Date: 2009-01-29 17:23:51

thx - terse but helpful comments

Q. I need port bound SAs that are optional.
The kernel code seems to allow this but ip xfrm does not allow them to
be specified (nor does pfkey)
Is it simply an error in ip xfrm to ban them or does the kernel not
support them

-----Original Message-----
From: Patrick McHardy [mailto:kaber@trash.net] 
Sent: Wednesday, January 28, 2009 10:12 AM
To: Paul Moore
Cc: David Miller; netdev@vger.kernel.org
Subject: Re: port bound SAs

Paul Moore wrote:

So how do I get an SA with a port set on it

You don't, using pfkey. Use reqid or ip xfrm.

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help