libnl and IPsec/XFRM
Joerg Pommnitz
pommnitz at yahoo.com
Fri Feb 17 07:44:22 EST 2012
----- Karl Hiramoto wrote -----
>
> You can always implement your own netlink calls using the "generic
> netlink" lib
> http://www.infradead.org/~tgr/libnl/doc/api/group__genl.html
> <http://www.infradead.org/%7Etgr/libnl/doc/api/group__genl.html>
Can I? I wasn't sure. I thought generic netlink is something distinct from the specialized netlink protocols like routing and XFRM. And anyway, I was looking for something with the convenience methods that come with direct libnl support.
> I'm not very familiar with NETLINK_XFRM What are you trying to do that
> libipsec can't do? http://ipsec-tools.sourceforge.net/
AFAIK libipsec sits on top of PF_KEY, which is deprecated. I'm just looking at my options to figure out how to proceed.
What I need is a painless way to manipulate and read the IPsec SPD an SAD.
> just a libnl user,
>
> --
> Karl
>
Kind regards
Joerg
More information about the libnl
mailing list