matthias
/
iproute2
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
1,151 Commits 5 Branches 108 Tags 7.5 MiB
C 91.1%
C++ 5.9%
Shell 2.1%
Makefile 0.5%
Yacc 0.2%
Go to file
Joy Latten 2c319e1ab7 xfrm security context support 
In the Linux kernel, ipsec policy and SAs can include a
security context to support MAC networking. This feature
is often referred to as "labeled ipsec".

This patchset adds security context support into ip xfrm
such that a security context can be included when
add/delete/display SAs and policies with the ip command.
The user provides the security context when adding
SAs and policies. If a policy or SA contains a security
context, the changes allow the security context to be displayed.

For example,
ip xfrm state
src 10.1.1.6 dst 10.1.1.2
	proto esp spi 0x00000301 reqid 0 mode transport
	replay-window 0
	auth hmac(digest_null) 0x3078
	enc cbc(des3_ede) 0x6970763672656164796c6f676f33646573636263696e3031
	security context root:system_r:unconfined_t:s0

Please  let me know if all is ok with the patchset.
Thanks!!

regards,
Joy

Signed-off-by:  Joy Latten <latten@austin.ibm.com>
 		2011-03-17 09:58:23 -07:00
doc Add ip route save/restore 2010-12-01 11:24:58 -08:00
etc/iproute2 Add DHCP as routing protocol 2009-03-18 13:33:12 -07:00
examples gaiconf: /etc/gai.conf configuration helper. 2010-03-29 13:59:28 -07:00
genl support static-only systems 2009-11-10 10:44:20 -08:00
include v2.6.38 2011-03-15 19:27:36 -07:00
ip xfrm security context support 2011-03-17 09:58:23 -07:00
lib Cleanup ll_map 2010-12-10 11:58:09 -08:00
man ip: Few typo and grammar errors fixes for ip(8) manpage 2010-12-16 08:30:26 -08:00
misc iproute2: add 64bit support to ifstat 2010-08-23 13:05:12 -07:00
netem netem: fix installs of dist files 2010-07-31 19:31:04 -07:00
tc tc: add ACT_CSUM action support (csum) 2010-12-01 11:17:46 -08:00
testsuite Fix modes of test files 2007-09-05 12:00:01 +01:00
.gitignore Ignore GDB related files 2009-11-13 14:20:41 -08:00
COPYING Update address of FSF in license 2008-03-08 13:31:03 -08:00
ChangeLog Backout the 2.4 utsname hash patch. 2006-03-22 00:07:49 +00:00
Makefile Workaround for repeated distclean 2010-11-18 15:25:38 -08:00
README Mention need for db dev package 2006-12-13 17:01:42 -08:00
README.decnet Decnet documentation update 2005-06-13 18:47:56 +00:00
README.distribution Rename: tc/README.distribution -> README.distribution 2004-08-23 20:21:21 +00:00
README.iproute2+tc (Logical change 1.3) 2004-04-15 20:56:59 +00:00
README.lnstat Rename: misc/README.lnstat -> README.lnstat 2004-10-19 20:24:47 +00:00
RELNOTES (Logical change 1.3) 2004-04-15 20:56:59 +00:00
configure iproute2: detect iptables modules dir in configure. 2010-03-29 15:10:20 -07:00

README 

Primary site is:
	http://developer.osdl.org/dev/iproute2

Original FTP site is:
	ftp://ftp.inr.ac.ru/ip-routing/

How to compile this.
--------------------
1. Look at start of Makefile and set correct values for:

KERNEL_INCLUDE should point to correct linux kernel include directory.
Default (/usr/src/linux/include) is right as rule.

arpd needs to have the db4 development libraries. For debian
users this is the package with a name like libdb4.x-dev.
DBM_INCLUDE points to the directory with db_185.h which
is the include file used by arpd to get to the old format Berkely
database routines.  Often this is in the db-devel package.

2. make

The makefile will automatically build a file Config which
contains whether or not ATM is available, etc.

3. To make documentation, cd to doc/ directory , then
   look at start of Makefile and set correct values for
   PAGESIZE=a4		, ie: a4 , letter ...	(string)
   PAGESPERPAGE=2	, ie: 1 , 2 ...		(numeric)
   and make there. It assumes, that latex, dvips and psnup
   are in your path.

Stephen Hemminger
shemminger@osdl.org

Alexey Kuznetsov
kuznet@ms2.inr.ac.ru