Page MenuHomeFreeBSD

Correct IPSec SA statistic keeping

Authored by eri on Jul 29 2015, 8:48 PM.



The IPsec SA statistic keeping is used even for decision making on expiry/rekeying SAs.
When there are multiple transformations being done the statistic keeping might be wrong.

This mostly impacts multiple encapsulations on IPsec since the usual scenario it is not noticed due to the code path not taken.

Diff Detail

rS FreeBSD src repository
Automatic diff as part of commit; lint not applicable.
Automatic diff as part of commit; unit tests not applicable.

Event Timeline

eri updated this revision to Diff 7483.Jul 29 2015, 8:48 PM
eri retitled this revision from to Correct IPSec SA statistic keeping.
eri updated this object.
eri edited the test plan for this revision. (Show Details)
eri added reviewers: ae, gnn.
eri set the repository for this revision to rS FreeBSD src repository.
eri added a project: network.
eri added a subscriber: network.
ae accepted this revision.Jul 30 2015, 7:29 AM
ae edited edge metadata.
This revision is now accepted and ready to land.Jul 30 2015, 7:29 AM
gnn accepted this revision.Jul 30 2015, 7:07 PM
gnn edited edge metadata.


This revision was automatically updated to reflect the committed changes.