I just noticed that the IPsec auditing code does not appear to audit the netmask for the selector source and destination addresses in xfrm_audit_common_policyinfo(). Before I threw a patch together I thought I would check to see if there was a reason for this that I am missing ...
-- paul moore linux security @ hp - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
