[email protected] said: > Nope. It is done that way so that certain interfaces and/or IPs can be > ignored.
The bottom line is that if Eric wants to cleanup the interface area, I think it may be possible. Bind has similar requirements. I think that discussion from NetBSD provides the key ideas on how to do it. I think that filter is only part of the problem. I haven't looked carefully at the code to find where it uses the local address on UDP packets. I'm pretty sure it will be needed for any serious crypto work. The point of that message and the previous one is that there is an option to get the local address (destination address in packet) on receive. It uses an option similar to the mechanism for getting the time stamp. >From another message in that (NetBSD) thread: > I assume that what jnemeth was really asling, was how to make it work the > way bind requires, and I suspect the IP_RECVDSTADDR setsockopt() along with > using recvmsg() is the answer really desired. (See ip(4)) That option isn't available on Linux. Looks like IP_PKTINFO will do what we want. Details in man 7 ip I don't know how the send side works. I assume there is a similar mechanism. -- These are my opinions. I hate spam. _______________________________________________ devel mailing list [email protected] http://lists.ntpsec.org/mailman/listinfo/devel
