Herbert Xu wrote:
On Thu, Mar 18, 2004 at 05:32:23PM +0100, Patrick McHardy wrote:
@@ -661,6 +661,20 @@
if ((*pskb)->dst->error)
return -1;
+
+#ifdef CONFIG_XFRM
+ if (!(IPCB(*pskb)->flags & IPSKB_XFRM_TRANSFORMED)) {
+ struct xfrm_policy_afinfo *afinfo;
+
+ afinfo = xfrm_policy_get_afinfo(AF_INET);
+ if (afinfo != NULL) {
+ afinfo->decode_session(*pskb, &fl);
+ xfrm_policy_put_afinfo(afinfo);
+ if (xfrm_lookup(&(*pskb)->dst, &fl, (*pskb)->sk, 0) !=
0)
+ return -1;
+ }
+ }
+#endif
BTW, you can xfrm4_route_forward here.
Is it correct that __xfrm_route_forward will use NULL for the sock
parameter to xfrm_lookup even if the packet is from a local socket ?
Regards
Patrick
|