libreswan seems to compile with seccomp with USE=seccomp, but this is not seemingly enough to actually enable it at runtime. Manual [0]: >The current default is disabled, but it is expected that in the future this feature will be enabled on all supported operating systems. Similarly, it is expected that further privilege separation will reduce the allowed syscalls - for example for the crypto helpers or DNS helpers. [0] https://libreswan.org/man/ipsec.conf.5.html
It is not clear to me what the issue is here.