Challenges and Solutions

• How do we get at incoming and outgoing packets? dummy devs? FW code?
• How to route transport mode packets (stoopid routing tricks)
• Kernel-accessible random functions -- get_random_bytes()
• Static linked KLIPS
• Route-stealing -- internal loop
• Bypass for IKE (UDP/500)
• IPIP dependance, built from it, include it.
• What to do with MTU and fragmentation
• PF_KEYv2 sockets
• Extending PF_KEYv2 or SDB?
• 2.2.x kernels