Receiving IPSEC ESP and AH Messages
I am working with Fedora Core 1, and I am trying to figure out if it is possible to write a userspace program that receives IPSEC ESP and AH packets. As far as I know, the kernel version I am using does include support for IPSEC. I tried to use raw sockets:
int fd = socket(PK_INET, SOCK_RAW, IPPROTO_ESP)
but when I send an ESP packet to my Fedora system, the packet is never received. It doesn't even show up on an Ethereal trace. It seems like it is being discarded by the kernel very early on.
Please note that I am trying to provide my own handling for these packets, rather than using something like Openswan.
Maybe it is not possible to do what I am trying to do, but maybe there is just something simple I'm missing. Any ideas?