
linux-ipsec: applying different transforms per user

From: Mark Pilon <mpilon(at)compatible.com>
Date: Fri May 08 1998 - 11:28:39 EDT


I've been looking at the FreeS/WAN IPSEC, and would greatly appreciate your advice on how to proceed with the following:

We'd like to add some enhancements to FreeS/WAN IPSEC to allow the use of different security associations on a per-user or per-process basis. The problem I've run up against is how to identify a given packet's user/process at the point that the packet is processed (wrapped) in ipsec_tunnel_do_xmit() -- and so to apply the correct security associations to the packet. Incoming packets shouldn't be a problem as they'll be identified by SPI.

This is my first adventure into the network interface in Linux at such a low level and I could use some advice as to how to proceed. In short, where can I find the user or parent process ID?

Ideally, what I'd like to do:

  • Write a negotiation front end that accepts an application to spawn (and all args) once the security associations have been negotiated. The executable could be a specific application or a shell . . .

  • The front end performs the negotiations, saves the details of the negotiation, and then exec's the application. All network traffic from that application gets wrapped per the negotiated security association.

I've just subscribed to the mailing list, and have seen some mention of ENskip -- is this a better direction to look in? I'm wading through the file containing all the postings to the list -- my apologies if this has already been dealt with.

Many thanks in advance,

Mark Pilon

Received on Fri May 8 23:12:54 1998


This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 12:59:10 EDT

