if dir&forward > 0 {
        fSA = &netlink.XfrmState{
            Src:   localIP,
            Dst:   remoteIP,
            Proto: netlink.XFRM_PROTO_ESP,