Safety union nesting method for realizing different safety terminalsin IPsec standard

The method includes two procedures: input and output. For output treating flow, under condition: network interface application IPsec standard of input data packet is validated and the said packet is not a multicast data packet, SP query is carried out. SA query is carried out right along if denotation of SP is application of Ipsec standard. When SA is not void, IPsec encapsulation treatment is carried out for the data packet according to the SA. Finally, off, len in IP head of data packet are converted to sequence of local byte; semaphores of security policy database and security union database are released. The invention guarantees that security union nesting with different security destination points in IPsec implementation of policy matching and SP query can be executed correctly, raising treatment efficiency and IPsec integral efficiency.