Public bug reported: I guess esp-udp is not supported in IPv6. But when adding a SAD with IPv6 and esp-udp, the error is silently ignored and no SAD is added. I expect the command to fail and an error message to be output when adding an unsupported SAD.
I modified an example from man setkey below: #!/usr/sbin/setkey -f add 3ffe:501:4819::1 3ffe:501:481d::1 esp-udp 123457 -E des-cbc 0x3ffe05014819ffff ; Versions: Ubuntu: 12.04 ipsec-tools: 1:0.8.0-9ubuntu1 linux: 3.2.0-35-generic ProblemType: Bug DistroRelease: Ubuntu 12.04 Package: ipsec-tools 1:0.8.0-9ubuntu1 ProcVersionSignature: Ubuntu 3.2.0-35.55-generic 3.2.34 Uname: Linux 3.2.0-35-generic x86_64 ApportVersion: 2.0.1-0ubuntu15.1 Architecture: amd64 Date: Sat Dec 29 22:21:12 2012 InstallationMedia: Ubuntu 12.04 LTS "Precise Pangolin" - Release amd64 (20120425) MarkForUpload: True ProcEnviron: TERM=xterm PATH=(custom, no user) LANG=en_US.UTF-8 SHELL=/bin/bash SourcePackage: ipsec-tools UpgradeStatus: No upgrade log present (probably fresh install) modified.conffile..etc.ipsec.tools.conf: [modified] mtime.conffile..etc.ipsec.tools.conf: 2012-12-29T22:09:29.404383 ** Affects: ipsec-tools (Ubuntu) Importance: Undecided Status: New ** Tags: amd64 apport-bug precise -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to ipsec-tools in Ubuntu. https://bugs.launchpad.net/bugs/1094547 Title: setkey fails to detect invalid use of esp-udp with IPv6 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ipsec-tools/+bug/1094547/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs