[strongSwan-dev] Patch proposal: set the replay window only on inbound SA

Emeric POUPON emeric.poupon at stormshield.eu
Wed Jun 15 16:38:23 CEST 2016


We have some extension in the FreeBSD kernel that allows the replay window to be quite big (up to several MB).
Since the replay window is not used on outbound SA, I think we could only set it on inbound SA in order to save memory.

What do you think?

Please find attached a simple patch proposal applied on 5.3.2


-------------- next part --------------
A non-text attachment was scrubbed...
Name: patch-replay-window-only-on-inbound-sa
Type: text/x-patch
Size: 1132 bytes
Desc: not available
URL: <http://lists.strongswan.org/pipermail/dev/attachments/20160615/0b02d549/attachment.bin>

More information about the Dev mailing list