My goal is to run some code before actual packets begin running in the IPSec tunnel. For this, I am thinking of running a callback at the time of an XFRM ESP tunnel creation, where tunnel IPs and the SPI will be known. Is there a standard way of achieving this? If I'm not mistaken, registering for any event that has xfrm_state available should be enough, for instance, xfrm_add_sa, esp_init_state.
--------------------------------------------------------------------- Intel Israel (74) Limited This e-mail and any attachments may contain confidential material for the sole use of the intended recipient(s). Any review or distribution by others is strictly prohibited. If you are not the intended recipient, please contact the sender and delete all copies.
