diff options
| author | Alexey Kuznetsov <kuznet@ms2.inr.ac.ru> | 2002-11-07 08:36:15 -0800 |
|---|---|---|
| committer | David S. Miller <davem@nuts.ninka.net> | 2002-11-07 08:36:15 -0800 |
| commit | 586cf4682255a6927fc9da37379e985c3095a7a7 (patch) | |
| tree | 4c9b5000fc7bc0edce18154d667fba3cff528701 /include/linux/sysctl.h | |
| parent | b4903b22b89b565791a6b06843760d9dcbae1a87 (diff) | |
[IPSEC] More work.
1. Expiration of SAs. Some missing updates of counters.
Question: very strange, rfc defines use_time as time of the first use
of SA. But kame setkey refers to this as lastuse.
2. Bug fixes for tunnel mode and forwarding.
3. Fix bugs in per-socket policy: policy entries do not leak but are destroyed,
when socket is closed, and are cloned on children of listening sockets.
4. Implemented use policy: i.e. use ipsec if a SA is available,
ignore if it is not.
5. Added sysctl to disable in/out policy on some devices.
It is set on loopback by default.
6. Remove resolved reference from template. It is not used,
but pollutes code.
7. Added all the SASTATEs, now they make sense.
Diffstat (limited to 'include/linux/sysctl.h')
| -rw-r--r-- | include/linux/sysctl.h | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/include/linux/sysctl.h b/include/linux/sysctl.h index f4f4655afac4..e70fc2ef0856 100644 --- a/include/linux/sysctl.h +++ b/include/linux/sysctl.h @@ -351,6 +351,8 @@ enum NET_IPV4_CONF_TAG=12, NET_IPV4_CONF_ARPFILTER=13, NET_IPV4_CONF_MEDIUM_ID=14, + NET_IPV4_CONF_NOXFRM=15, + NET_IPV4_CONF_NOPOLICY=16, }; /* /proc/sys/net/ipv6 */ |