[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

(usagi-users 01028) forward check

To: usagi-users@xxxxxxxxxxxxxx
Subject: (usagi-users 01028) forward check
From: Hiroshi Takekawa <sian@xxxxxxxxx>
Date: Thu, 15 Nov 2001 20:15:25 +0900 (JST)
Reply-to: usagi-users@xxxxxxxxxxxxxx

Hello.

While trying to use usagi kernel with ipsec enabled, I got these
lines.

--
ipsec6_forward_check: UDP packet: sport=32781, dport=33434
ip6_outtput: (ipsec) dropping packet
--

I happened to find a possible bug fix when I was browsing source
codes. Is this right? I reckon ipsec6_forward_check() returns 0 when a
packet is OK. (And I also saw ipsec6_input_check() != 0 in
ip6_input.c)

Please check and apply.

Regards,

--
Hiroshi Takekawa <sian@xxxxxxxxx>


Index: ip6_output.c
===================================================================
RCS file: /cvsroot/usagi/usagi/kernel/linux24/net/ipv6/ip6_output.c,v
retrieving revision 1.17
diff -u -r1.17 ip6_output.c
--- ip6_output.c	2001/11/12 01:20:11	1.17
+++ ip6_output.c	2001/11/15 11:08:19
@@ -1188,7 +1188,7 @@
 #ifdef CONFIG_IPV6_IPSEC
         /* FH: IPSec handling, check for inbound rules, outbound rules are checked in ip6_output */
         if (ipsec6_forward_check) {
-                if (ipsec6_forward_check(skb)== 0) {
+                if (ipsec6_forward_check(skb) != 0) {
                         /* icmpv6_send(skb,ICMPV6_DEST_UNREACH,ICMPV6_ADM_PROHIBITED,0,skb->dev); */
 			if (net_ratelimit())
 				printk(KERN_INFO "ip6_outtput: (ipsec) dropping packet\n");

Follow-Ups:
- (usagi-users 01029) Re: forward check
  - From: KANDA Mitsuru

Prev by Date: (usagi-users 01027) Re: Multicast bind problem...
Next by Date: (usagi-users 01029) Re: forward check
Previous by thread: (usagi-users 01027) Re: Multicast bind problem...
Next by thread: (usagi-users 01029) Re: forward check
Index(es):
- Date
- Thread