You may look in source of ipsec-tools http://ipsec-tools.sourceforge.net/
Yuval Lifshitz wrote:
In FreeBSD there is a C interface to the "setkey" command: "ipsec_set_policy", "ipsec_get_policylen", "ipsec_dump_policy". Using: netinet6/ipsec.h header and libipsec library. I couldn't find a similar interface in FC2. Does anyone know of a patch that does that? Can I use "setsockopt" to manipulate "setkey" values from a C program?
Yuval Lifshitz CableMatrix Inc.
