aboutsummaryrefslogtreecommitdiffstats
path: root/src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.h
diff options
context:
space:
mode:
authorAndreas Steffen <andreas.steffen@strongswan.org>2016-04-09 16:46:37 +0200
committerAndreas Steffen <andreas.steffen@strongswan.org>2016-04-09 16:51:02 +0200
commitd3af3b799fd6dd872e305e3a7db5719e1024b9d1 (patch)
tree7b6013a6572033383c8e3e43a22c09a5fa27184b /src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.h
parentd3edc8aa0f3a793a722825ab09a4a7142c6c83f2 (diff)
downloadstrongswan-d3af3b799fd6dd872e305e3a7db5719e1024b9d1.tar.bz2
strongswan-d3af3b799fd6dd872e305e3a7db5719e1024b9d1.tar.xz
Extended IPsec kernel policy scheme
The kernel policy now considers src and dst port masks as well as restictions to a given network interface. The base priority is 100'000 for passthrough shunts, 200'000 for IPsec policies, 300'000 for IPsec policy traps and 400'000 for fallback drop shunts. The values 1..30'000 can be used for manually set priorities.
Diffstat (limited to 'src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.h')
0 files changed, 0 insertions, 0 deletions
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-27 04:04:51 +0000