On Sat, Jun 28, 2003 at 10:48:04AM +0400, kuznet@ms2.inr.ac.ru wrote: > > > Not if you use xfrm_user. In that the case it is filled in with info > > from the KM. > > Do you suggest to leave pfkeyv2 in peace with all the holes or to get rid > of it? :-) Perhaps that will encourage pfkey users to migrate :) But seriously, pfkeyv2 already fills in the source address. Source port and protocol can also be retrieved from the proxy field. It is true that there is no way to fill the destination in at the moment, but unlike the sources address, that's easily dealt with in the firewall. -- Debian GNU/Linux 3.0 is out! ( http://www.debian.org/ ) Email: Herbert Xu ~{PmV>HI~} <herbert@gondor.apana.org.au> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt - : send the line "unsubscribe linux-net" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
