I'm trying to use IPsec after a packet has been received, processed and tunneled in a new one with different source and destination addresses.
The problem is that it seems that the Security Policy Database is read by the kernel only once the packet arrives, so that it doesn't check again the Policies for the new one before sending it. Is it possible to force the kernel to check again for the packets the SPD?
Thanks in advance