[strongSwan-dev] ESP Sequence
Martin Willi
martin at strongswan.org
Fri Feb 3 14:53:30 CET 2012
Hello Daniel,
> how can you ask the kernel what is the value of the ESP sequence
> counter at anytime?
Have a look at the get_replay_state() function at [1], it gets the
replay state from a kernel SA. We use it to adjust the replay state
after updating addresses of an SA.
Regards
Martin
[1]http://git.strongswan.org/?p=strongswan.git;a=blob;f=src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c#l1494
More information about the Dev
mailing list