I've been playing around with IPSec, and I came across a problem with
encrypting data sent directly by the kernel.
Specifically, attempts to encrypt a GRE or IPIP tunnel with ipsec in
transport mode result in one of:
1) No data sent.
2) Data sent, ignored by peer.
3) Kernel panic, with no SysRq.
Numbers 1 and 2 might be configuration problems on my part, but I have
other ipsec setups running fine, and can't see anything different for
these. Number 3 is a big problem.
This is on 2.5.70. No third-party modules or other tainting. I can
provide .configs on request.
I don't have the panic copied down, but I can reproduce it and get a
copy if required.
I know I could certainly accomplish what I want with ipsec tunnel mode,
but I'm just playing around, and it's a kernel bug in any case.
Julian Blake Kongslie <email@example.com>
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: This is a digitally signed message part
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
-----END PGP SIGNATURE-----