[strongSwan] libhydra

Joy Latten joy.latten at canonical.com
Mon Nov 14 22:07:54 CET 2016


I seek a bit of clarity while understanding the libhydra code and
strongswan modularity. From reading the code, the kernel_interface_t in
libhydra is somewhat generic. It cannot really do anything, that is, it
cannot really talk to the kernel without a kernel_ipsec_t being defined,
implemented,  and loaded, which the 3 plugins, kernel_netlink,
kernel_pfkey, or kernel_pfroute currently do. Any new plugin for talking
to the kernel would require a kernel_ipsec_t as well. Is this correct?

Thanks for all help and info.


More information about the Users mailing list