SGH_WIKI

User Tools

Site Tools

Trace: tcp checksum linuxdma ipsec skb device_tree mount_filesystem notes
mywiki:linux:ipsec

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
mywiki:linux:ipsec [2015/12/22 10:35] – [IPSec kernel APIs] supermywiki:linux:ipsec [2019/09/15 18:55] (current) – external edit 127.0.0.1
Line 1: Line 1:
 **IPSec Implementation in Linux** **IPSec Implementation in Linux**
 +
 +| Reference | {{:mywiki:linux:chapter10_ipsec.pdf| ipsec_xfrm }} |
  
 ====== IPSEC Basic ====== ====== IPSEC Basic ======
Line 43: Line 45:
 | calg | **Compression** algo pointer | | calg | **Compression** algo pointer |
 | aead | **Authentication Encryption** with Associated Data pointer | Note: if (aead == NULL); then only authentication without any encryption | | aead | **Authentication Encryption** with Associated Data pointer | Note: if (aead == NULL); then only authentication without any encryption |
 +| encap | Data for **encapsulator**, ie, for **special UDP** Encapsulation only | draft-ietf-ipsec-udp-encaps-06 |
  
  
Line 240: Line 243:
  
 ===== IPSec SA initialize ===== ===== IPSec SA initialize =====
-It is initialized by API: **static int esp_init_state(struct xfrm_state *x)**+It is initialized by API: **static int esp_init_state(struct xfrm_state *x)**, which is defined in file: 
 +  * net/ipv4/esp4.c 
 +  * net/ipv6/esp6.c
 ===== IPSec Tx steps ===== ===== IPSec Tx steps =====
 <file> <file>
mywiki/linux/ipsec.1450751726.txt.gz · Last modified: (external edit)