Re: [Ipsec] Issue on input process of Linux native IPsec
On Fri, 24 Dec 2004 at 16:15, David Dillow wrote: > xfrm_lookup() is only called for outgoing packets, > not for received packets. I don't think ping > replies (ICMP echo replies) will ever have a non- > NULL sk, as they are not associated with a socket. But, as we know, The Linux network component creates two special purpose sockets for use by the AF_INET protocol family. The tcp socket is used to send resets when a TCP packet is rejected, since there may be no local socket corresponding to the packet. The icmp socket is used to send ICMP messages. Then, Why did you say that ping replies (ICMP echo replies) were not associated with a socket? Is there any difference between the special purpose socket and the socket you mentioned above? Thank you. Best Regards, Park Lee __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
What's the purpose of ip_route_output_flow()?
Hi, Would you please tell me what the purpose of ip_route_output_flow() is? and What the differences between it and ip_route_output_key() are? Thank you. = Best Regards, Park Lee __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Are there any explanation for struct flowi?
Hi, I'm now learning the net stack of Linux. Would you please tell whether there are any explanation for struct flowi? What it is used for? Thank you. = Best Regards, Park Lee __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [NET]: Add sock_create_kern()
On 2004-05-08 at 22:00, James Morris wrote: > Under SELinux, and potentially other LSMs, we need > to be able to distinguish between user sockets and > kernel sockets. For SELinux specifically, kernel > sockets need to be specially labeled during > creation, then bypass access control checks (they > are controlled by the kernel itself and not subject > to SELinux mediation). Do both user sockets and kernel sockets have a socket structure and a corresponding sock structure (i.e. a BSD socket and a INET socket) with them? In 8.1.1 of "Integrating Flexible Support for Security Policies into the Linux Operating System", It says: "The Linux network component creates two special purpose sockets for use by the AF_INET protocol family. The tcp socket is used to send resets when a TCP packet is rejected, since there may be no local socket corresponding to the packet. The icmp socket is used to send ICMP messages.Two initial SIDs were defined for these sockets, with the corresponding security context determined by the security server." Does the "local socket" here refer to the "user socket" as you mentioned above? Thank you very much. = Best Regards, Park Lee __ Do you Yahoo!? Yahoo! Sports - Sign up for Fantasy Baseball. http://baseball.fantasysports.yahoo.com/ - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/