Would it be possible to add IPsec-labeling to the roadmap?
It allows you to separate different security levels with IPsec as a network solution for Multi-level Security
Libreswan has something like this, and I was wondering if we could add something like that to Strongswan
Here's a couple relevant links -
Whether labeled IPsec should be enabled or not; acceptable values are no (the default) and yes. See also policy-label= and secctx-attr-type=
The string representation of an access control security label that is interpreted by the LSM (e.g. SELinux) for use with Labeled IPsec. See also labeled-ipsec= and secctx-attr-type=. For example, policy-label=system_u:object_r:ipsec_spd_t:s0-s15:c0.c1023