NETLINK_XFRM
NETLINK_XFRM is a netlink family used by the Linux kernel to configure the IPsec XFRM subsystem. It enables user-space processes to manage IPsec policies and security associations that determine how IPsec-protected traffic is processed. Through this interface, applications can create, modify, delete, and query the XFRM policy and state data that govern IPsec behavior in the kernel.
The NETLINK_XFRM interface defines message types for policies and states, such as NEWPOLICY, DELPOLICY, GETPOLICY, and
In practice, NETLINK_XFRM is used by user-space tools and IPsec implementations to load and manage IPsec policies
Security and compatibility notes: the NETLINK_XFRM interface is a kernel-facing user-space API that underpins the IPsec
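The following added example (not from the original page or the kernel sources) walks a buffer of back-to-back NETLINK_XFRM messages and labels each one as a query or a configuration change, the distinction that matters when auditing who alters IPsec policy and state. The numeric values are those of `linux/netlink.h` and `linux/xfrm.h`; the helper names and the sample buffer are constructed for illustration.

```python
import struct

# struct nlmsghdr: u32 len, u16 type, u16 flags, u32 seq, u32 pid (host byte order)
NLMSG_HDR = struct.Struct("=IHHII")
NLM_F_REQUEST, NLM_F_DUMP = 0x01, 0x300

# Message types from linux/xfrm.h (prefixed XFRM_MSG_ in the header)
XFRM_MSG = {
    0x10: "NEWSA", 0x11: "DELSA", 0x12: "GETSA",
    0x13: "NEWPOLICY", 0x14: "DELPOLICY", 0x15: "GETPOLICY",
    0x19: "UPDPOLICY", 0x1A: "UPDSA",
    0x1C: "FLUSHSA", 0x1D: "FLUSHPOLICY",
}
READ_ONLY = {"GETSA", "GETPOLICY"}


def build(mtype, flags, seq, payload=b""):
    """Constructed helper: one netlink message, padded to 4-byte alignment."""
    length = NLMSG_HDR.size + len(payload)
    pad = b"\x00" * (-length % 4)
    return NLMSG_HDR.pack(length, mtype, flags, seq, 0) + payload + pad


def classify(stream):
    """Return (name, kind, seq) for each message in the buffer."""
    out, off = [], 0
    while off < len(stream):
        if len(stream) - off < NLMSG_HDR.size:
            out.append(("MALFORMED", "malformed", None))  # truncated header
            break
        length, mtype, _flags, seq, _pid = NLMSG_HDR.unpack_from(stream, off)
        if length < NLMSG_HDR.size or off + length > len(stream):
            out.append(("MALFORMED", "malformed", None))  # bad nlmsg_len
            break
        name = XFRM_MSG.get(mtype, "type 0x%02x" % mtype)
        if name in READ_ONLY:
            kind = "query"
        elif mtype in XFRM_MSG:
            kind = "change"  # creates, updates, deletes or flushes state
        else:
            kind = "other"
        out.append((name, kind, seq))
        off += (length + 3) & ~3  # NLMSG_ALIGN
    return out


# Constructed sample: a policy dump, a policy add (opaque 5-byte payload), an SA flush
SAMPLE = (build(0x15, NLM_F_REQUEST | NLM_F_DUMP, 1)
          + build(0x13, NLM_F_REQUEST, 2, b"\x00" * 5)
          + build(0x1C, NLM_F_REQUEST, 3))
```

Only the headers are inspected; the payloads in the sample are placeholder bytes, not valid XFRM structures.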