[root@CnetOS7 ~]# ip xfrm state src 10.5.5.18 dst 10.5.5.10 proto esp spi 0xedbce21c reqid 16389 mode tunnel replay-window 32 flag af-unspec auth-trunc hmac(sha1) 0x4f8cdee1b453dacf606fcf630d9c5b328b952404 96 enc cbc(aes) 0x442da48e8178c4971275b9d889747536 src 10.5.5.10 dst 10.5.5.18 proto esp spi 0x921bce56 reqid 16389 mode tunnel replay-window 32 flag af-unspec auth-trunc hmac(sha1) 0x7050af8d2c7c151db1ded71d5a4468eaafdc8a29 96 enc cbc(aes) 0x8686ccf1127bb881fa382fe17f790d69 src 10.5.5.10 dst 10.5.5.18 proto esp spi 0xe6ca8cc5 reqid 16389 mode tunnel replay-window 32 flag af-unspec auth-trunc hmac(sha1) 0x3aef0708d244ede7793e328b1937d0b70d425fb7 96 enc cbc(aes) 0xa4cc55f6a88307b8f354fc3e8d576276 src 10.5.5.18 dst 10.5.5.10 proto esp spi 0x5acea75b reqid 16389 mode tunnel replay-window 32 flag af-unspec auth-trunc hmac(sha1) 0x731268575b53cfbd9cac20e988cfc5557d381036 96 enc cbc(aes) 0x1defeab6aa6ac729f3082f6b70053918 This unlabeled flow is can be initiated from my own domain for simple server TCP and client communicate via this tunnel? What You means writing about "sample configuration" in Second paragraph? _______________________________________________ selinux mailing list -- selinux@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to selinux-leave@xxxxxxxxxxxxxxxxxxxxxxx
