git.neil.brown.name Git - history.git/commit

author	Alexey Kuznetsov <kuznet@ms2.inr.ac.ru>
	Thu, 7 Nov 2002 16:36:15 +0000 (08:36 -0800)
committer	David S. Miller <davem@nuts.ninka.net>
	Thu, 7 Nov 2002 16:36:15 +0000 (08:36 -0800)
commit	586cf4682255a6927fc9da37379e985c3095a7a7
tree	4c9b5000fc7bc0edce18154d667fba3cff528701	tree \| snapshot
parent	b4903b22b89b565791a6b06843760d9dcbae1a87	commit \| diff

[IPSEC] More work.
1. Expiration of SAs. Some missing updates of counters.
   Question: very strange, rfc defines use_time as time of the first use
   of SA. But kame setkey refers to this as lastuse.
2. Bug fixes for tunnel mode and forwarding.
3. Fix bugs in per-socket policy: policy entries do not leak but are destroyed,
   when socket is closed, and are cloned on children of listening sockets.
4. Implemented use policy: i.e. use ipsec if a SA is available,
   ignore if it is not.
5. Added sysctl to disable in/out policy on some devices.
   It is set on loopback by default.
6. Remove resolved reference from template. It is not used,
   but pollutes code.
7. Added all the SASTATEs, now they make sense.

include/linux/inetdevice.h		diff \| blob \| history
include/linux/sysctl.h		diff \| blob \| history
include/net/xfrm.h		diff \| blob \| history
net/ipv4/af_inet.c		diff \| blob \| history
net/ipv4/ah.c		diff \| blob \| history
net/ipv4/devinet.c		diff \| blob \| history
net/ipv4/esp.c		diff \| blob \| history
net/ipv4/route.c		diff \| blob \| history
net/ipv4/tcp.c		diff \| blob \| history
net/ipv4/tcp_minisocks.c		diff \| blob \| history
net/ipv4/xfrm_input.c		diff \| blob \| history
net/ipv4/xfrm_policy.c		diff \| blob \| history
net/ipv4/xfrm_state.c		diff \| blob \| history
net/key/af_key.c		diff \| blob \| history