[strongSwan-dev] Unserviced PFKEY sockets in starter
tobias at strongswan.org
Tue May 15 09:02:59 CEST 2012
Thanks for the report.
> Out of interest, what does starter do with these sockets? Should it be
> opening them?
Starter uses the kernel interfaces to flush the SAD and SPD entries in
the kernel when it is terminated. So it does not actually use the event
sockets registered with the kernel. The problem is that the thread pool
was not initialized in starter so there are no threads available to
actually read from these sockets. I changed this in  so that events
are now read from the sockets, even if they are currently not used by
By the way, is there a reason you use PF_KEY on Linux? There are some
limitations in comparison to the Netlink/XFRM kernel interface.
More information about the Dev