* kame/sys/netinet6/in6_src.c (in6_selectsrc): changed the number of longest matching rule in source address selection from 8 to 14, so that it is easy to assign smaller numbers to more preferred rules. Additionally, a new rule to prefer addresses on alive (i.e. IFF_UP) interfaces, based on a suggestion from email@example.com. *bsd/netstat were also changed accordingly.
- change "longest match" to rule 14 - added "alive interface" as rule 8
(i.e. IFF_UP) interfaces.
from 8 to 14, so that it is easy to assign smaller numbers to higher preferred rules. (15 is reserved for future use)
- add validation before incrementing statistics array to prevent possible buffer overrun - corrected logic in preferring appropriate scope
and peer's key length in proposal is bigger than mine, it might be accepted.
>telnet) to inquire of the kernel whether AH/ESP is in use (i.e. >whether a security association exists between the local host and a >remote host)?