| To: | "David S. Miller" <davem@xxxxxxxxxx> |
|---|---|
| Subject: | [PATCH] SIT tunnels over IPsec |
| From: | Michal Ludvig <michal@xxxxxxxx> |
| Date: | Fri, 16 Jan 2004 19:38:00 +0100 |
| Cc: | netdev@xxxxxxxxxxx, linux-kernel@xxxxxxxxxxxxxxx |
| Sender: | netdev-bounce@xxxxxxxxxxx |
| User-agent: | Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.5b) Gecko/20030814 |
Hi! The attached patch fixes IPv6-in-IPv4 (SIT) tunnel over IPsec. Without it the SIT packets originated from the same host as the IPsec endpoint is leave the interface unencrypted and of course the tunnel doesn't work. The patch fixes it. Tested. Please apply. Thanks, Michal Ludvig -- * A mouse is a device used to point at the xterm you want to type in. * Personal homepage - http://www.logix.cz/michal --- linux-2.6.1.orig/net/ipv6/sit.c 2004-01-09 08:00:03.000000000 +0100
+++ linux-2.6.1/net/ipv6/sit.c 2004-01-16 09:51:13.000000000 +0100
@@ -485,7 +485,8 @@ static int ipip6_tunnel_xmit(struct sk_b
{ .daddr = dst,
.saddr = tiph->saddr,
.tos = RT_TOS(tos) } },
- .oif = tunnel->parms.link };
+ .oif = tunnel->parms.link,
+ .proto = IPPROTO_IPV6 };
if (ip_route_output_key(&rt, &fl)) {
tunnel->stat.tx_carrier_errors++;
goto tx_error_icmp;
@@ -757,7 +758,8 @@ static int ipip6_tunnel_init(struct net_
{ .daddr = iph->daddr,
.saddr = iph->saddr,
.tos = RT_TOS(iph->tos) } },
- .oif = tunnel->parms.link };
+ .oif = tunnel->parms.link,
+ .proto = IPPROTO_IPV6 };
struct rtable *rt;
if (!ip_route_output_key(&rt, &fl)) {
tdev = rt->u.dst.dev;
|
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | Fwd: Re: [2.6] nfs_rename: target $file busy, d_count=2, Mike Fedyk |
|---|---|
| Next by Date: | Re: [PATCH] IPv6 MIB:ipv6RouterAdvert netlink notification, Shirley Ma |
| Previous by Thread: | [PATCH][ATM]: refcount atm sockets, contractor |
| Next by Thread: | Re: [PATCH] SIT tunnels over IPsec, David S. Miller |
| Indexes: | [Date] [Thread] [Top] [All Lists] |