Hi, Please see the extract below from:- http://sourceforge.net/mailarchive/message.php?msg_id=8184069 "Thanks for catching this. Before the 2.6.5 kernel, the family for the selector that the kernel uses for policies was not being set. This was fixed in 2.6.5. However, it was only changed for spdadds and not for spddeletes so that is why you are seeing it not matching. Once I modified the 2.6.6 kernel to also set the family for spddeletes, the policy is correctly deleted. I"ll send out a patch for this once I get approval for it. In the meantime, if you want to fix it yourself, feel free to. The function that needs to be changed in the kernel is pfkey_spddelete, and it just needs to set sel.family appropriately based on the family of the source or destination address." In the vanilla kernel 2.6.8.1 it has been corrected. The functions involved are in :/usr/src/linux-2.6.8.1/net/key/af_key.c When is this likely to be incorporated in an on line update version? Thanks, The content of this e-mail and any attachment is private and may be legally privileged. If you are not the intended recipient, any use, disclosure, copying or forwarding of this e-mail and/or its attachments is unauthorised. If you have received this e-mail in error please notify the sender by e-mail and delete this message and any attachments immediately from this system. Inmedia Communications Limited is a private limited company incorporated in England and Wales with registration number 02928653 and whose registered office is at Chalfont Grove, Narcot Lane, Gerrards Cross SL9 8TW. For more information please visit: http://www.inmedia.co.uk