[strongSwan] disable_policy and disable_xfrm

Noel Kuntze noel.kuntze+strongswan-users-ml at thermi.consulting
Thu May 3 20:38:40 CEST 2018

From the documentation[1]:

disable_policy - BOOLEAN
	Disable IPSEC policy (SPD) for this interface

disable_xfrm - BOOLEAN
	Disable IPSEC encryption on this interface, whatever the policy

[1] https://www.kernel.org/doc/Documentation/networking/ip-sysctl.txt

On 03.05.2018 00:29, James Smith wrote:
> Can anyone tell me what the effect of disabling policy and xfrm in sysctl has?  I see that it is done when I create a VTI tunnel or use as a traffic selector, but I can't find any documentation as to what it actually does.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.strongswan.org/pipermail/users/attachments/20180503/e812e91c/attachment.sig>

More information about the Users mailing list