On Fri, 24 Dec 2004 at 01:23, David Dillow wrote: > On Wed, 2004-12-22 at 22:29 -0800, Park Lee wrote: > > Thanks. > > But, After a packet was received, It has already > > been processed by xfrm4_rcv(), xfrm4_rcv_encap(), > > ah_input(), esp_input(),etc. so, I think that > > there is no need to search(or created) a bundle > > everytime a packet is recieved, since it has > > already been processed. Am I right? > > Are you sure you're not seeing the creation of a > reply packet? Unless you're testing with UDP and a > listening socket on the receiver, you're going to > get a response packet if the incoming packet makes > it through the iptables rules. You were testing > with ICMP echo requests (ping), if I recall. > > I think either you're basing your idea of the > packet flow on printk()'s,or I'm just too tired and > missing where xfrm_lookup() gets called on the > rx path... Yes, I'm testing with ping and basing my idea of the packet flow on printk(). > (yes, sk can be NULL there, but I was wrong about > it being called for Rx'd packets, I think). Does this mean that when the reply (response) packet is sending out through xfrm_lookup(), the sk parameter of xfrm_lookup() will not be NULL? and When the incoming packet itself goes through xfrm_lookup(), the sk parameter will be NULL? Thank you and Merry Christmas. ===== Best Regards, Park Lee __________________________________ Do you Yahoo!? Yahoo! Mail - Helps protect you from nasty viruses. http://promotions.yahoo.com/new_mail - : send the line "unsubscribe linux-net" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
