kernel-netlink: Alternatively support global port based IKE bypass policies
authorMartin Willi <martin@revosec.ch>
Wed, 16 Jul 2014 14:31:52 +0000 (16:31 +0200)
committerMartin Willi <martin@revosec.ch>
Fri, 21 Nov 2014 09:55:45 +0000 (10:55 +0100)
commit87888f99265b8617fd430f2adc6c6c5e59a47979
tree061a5065e637a666fd771ff09c552c6b0073371a
parent6f9df556ba504ce8504fd4802d8ce2fe9da1e661
kernel-netlink: Alternatively support global port based IKE bypass policies

The socket based IKE bypass policies are usually superior, but not supported
on all networking stacks. The port based variant uses global policies for the
UDP ports we have IKE sockets for.
conf/plugins/kernel-netlink.opt
src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c