On Tue, 17 Feb 2009, Jan Engelhardt wrote:
ipip is not used for ipsec.
my reading of the code was that in tunnel mode, the next protocol header is ip and so the packet then gets handed off to the ip-ip handler. and that is where i saw it being handed off to the recv routine again. that seemed to match what i see with tcpdump since both the ipsec packet and the decrypted packet show up.
-- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
