[strongSwan] duplicate ESP packet issue
aditya vikram
aaditya_vik at yahoo.com
Mon Nov 19 14:50:49 CET 2012
Hi,
I am testing anti replay feature of linux kernel with strongswan version 5.0.0 and found some issues.I am capturing an ESP packet and replaying the captured packet to the linux machine (IKE initiater).After sending duplicate packet around 30 times SA and child SA goes down which I think should not happen. Is this the expected behaviour and if yes what is the trigger from kernel to IKE daemon.
I can see only four messages from kernel to IKE:
1)XFRM_MSG_ACQUIRE
2)XFRM_MSG_EXPIRE
3)XFRM_MSG_MIGRATE
4)XFRM_MSG_MAPPING
Best Regards
Aditya Vikram
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20121119/cc68f654/attachment.html>
More information about the Users
mailing list