Re: IPSEC FIRST LIGHT! (by non-kernel developer :-))

kuznet@ms2.inr.ac.ru
Thu, 7 Nov 2002 20:49:37 +0300 (MSK)


Hello!

> Alexey, any ideas?

Yes, rules with prefixlen!=32 do not work, gem forgot htonl() on netmask.

Also, forwarding is still sick, as I told you before going to sleep,
so expect a patch soon. Unfortunately, despite of all the precautions
I sleeped all the day, so I am again at the point when cannot test
anything but loopback. :-)

Alexey

===== net/key/af_key.c 1.6 vs edited =====
--- 1.6/net/key/af_key.c Thu Nov 7 04:52:11 2002
+++ edited/net/key/af_key.c Thu Nov 7 20:44:51 2002
@@ -488,7 +491,8 @@
case AF_INET:
xaddr->xfrm4_addr =
((struct sockaddr_in*)(addr + 1))->sin_addr.s_addr;
- xaddr->xfrm4_mask = ~0 << (32 - addr->sadb_address_prefixlen);
+ if (addr->sadb_address_prefixlen)
+ xaddr->xfrm4_mask = htonl(~0 << (32 - addr->sadb_address_prefixlen));
break;
case AF_INET6:
memcpy(xaddr->a6,
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/