Dear maintainer,

We are moving our xfrm configuration to be based on xfrm interfaces as opposed to using mark values, so we use intf_id to glue the state/policy and interface. Right now I found out that, while the states can be managed just fine, the policy won't be deleted, as the mark value seems to be the only key we can use to reference a policy.
Example:

```
ip xfrm policy update src 0.0.0.0/0 dst 0.0.0.0/0 dir out priority 200000 ptype main tmpl src 1.2.3.4 dst 4.3.2.1 proto esp spi 0x12345678 reqid 4096 mode tunnel if_id 0x100
root@ca870b7a2863:/opt/src# ip xfrm policy ls
src 0.0.0.0/0 dst 0.0.0.0/0 dir out priority 200000 ptype main tmpl src 1.2.3.4 dst 4.3.2.1 proto esp spi 0x12345678 reqid 4096 mode tunnel if_id 0x100
root@ca870b7a2863:/opt/src# ip xfrm policy del src 0.0.0.0/0 dst 0.0.0.0/0 dir out if_id 4096
Error: argument "if_id" is wrong: unknown
root@ca870b7a2863:/opt/src# ip xfrm policy del src 0.0.0.0/0 dst 0.0.0.0/0 dir out if_id 0x100
Error: argument "if_id" is wrong: unknown
root@ca870b7a2863:/opt/src# ip xfrm policy del src 0.0.0.0/0 dst 0.0.0.0/0 dir out mark 0x100
RTNETLINK answers: No such file or directory
root@ca870b7a2863:/opt/src# ip xfrm policy del src 0.0.0.0/0 dst 0.0.0.0/0 dir out mark 4096
RTNETLINK answers: No such file or directory
root@ca870b7a2863:/opt/src# ip xfrm policy del src 0.0.0.0/0 dst 0.0.0.0/0 dir out spi 0x12345678
Error: argument "spi" is wrong: unknown
root@ca870b7a2863:/opt/src#
```

On Thu, Aug 6, 2020 at 5:18 PM Debian Bug Tracking System <ow...@bugs.debian.org> wrote:

> Thank you for filing a new Bug report with Debian.
>
> You can follow progress on this Bug here: 968025:
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=968025.
>
> This is an automatically generated reply to let you know your message
> has been received.
>
> Your message is being forwarded to the package maintainers and other
> interested parties for their attention; they will reply in due course.
>
> As you requested using X-Debbugs-CC, your message was also forwarded to
> bsoares...@gmail.com
> (after having been given a Bug report number, if it did not have one).
>
> Your message has been sent to the package maintainer(s):
> Alexander Wirt <formo...@debian.org>
>
> If you wish to submit further information on this problem, please
> send it to 968...@bugs.debian.org.
>
> Please do not send mail to ow...@bugs.debian.org unless you wish
> to report a problem with the Bug-tracking system.
>
> --
> 968025: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=968025
> Debian Bug Tracking System
> Contact ow...@bugs.debian.org with problems