[CentOS] openswan and ipsec

# ipsec verify ... If you encounter network related SElinux errors, especially when using KLIPS, try disabling SElinux ...

Well, it is not running KLIPS but netkey, anyways I feel not comfortable about disabling selinux on a ipsec router.

I am not sure how to handle possible probems in this case, too. If I decide not to disable selinux, and I run into problems, should I

a) report it to redhat as a bug, because it is b) disable selinux because ipsec is not meant to work with selinux

Maybe just the verify script should be fixed? Maybe I should ask RedHat about this, hm. And finally, do you encounter network related SElinux errors with IPSec, both 5 and 6?