[strongSwan-dev] libipsec and shunt policies: passthrough, drop

Zachery Stoddard zacherystoddard at gmail.com
Wed Dec 17 20:07:29 CET 2014

I'm interested in utilizing libipsec with passthrough and drop
policies, but I see in the source that the capability is explicitly
passed over with the comment: "/* we ignore these policies as we
currently have no use for them */".

In my eyes, there is a big difference between "no use for them" and
"haven't implemented yet".

So before I go further on my effort I figured I would ask, does the
architecture of libipsec somehow preclude the inclusion of passthrough
and drop?

Is anyone else working on this?


More information about the Dev mailing list