netdev
[Top] [All Lists]

ip_route_me_harder -> xfrm_lookup

To: "David S. Miller" <davem@xxxxxxxxxx>, netdev@xxxxxxxxxxx, netfilter-devel@xxxxxxxxxxxxxxxxxxx
Subject: ip_route_me_harder -> xfrm_lookup
From: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Date: Mon, 8 Mar 2004 22:03:31 +1100
Sender: netdev-bounce@xxxxxxxxxxx
User-agent: Mutt/1.5.5.1+cvs20040105i
Hi:

I've received a number of reports that the any packets that are modified
by the PREROUTING mangle table will not be protected by IPsec.

The reason is that ip_route_me_harder which is called upon the exit
of the mangle table does not set the proto field.  This means that
xfrm_lookup is never called.

The following patch sets the proto field so that the packet can be
protected by IPsec.

Cheers,
-- 
Debian GNU/Linux 3.0 is out! ( http://www.debian.org/ )
Email:  Herbert Xu ~{PmV>HI~} <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Attachment: p
Description: Text document

<Prev in Thread] Current Thread [Next in Thread>