[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

(usagi-users 03974) Re: Patch for NEMO IPsec



Hi Sebastien,

On 2007/10/16, at 10:08, Sebastien Decugis wrote:
This is a patch to apply on top of NEMO BS patch [1]. Currently, when
TunnelPayload protection is set in the Mobile Router mip6d.conf file,
the traffic to the MR is protected, but traffic that is directed to a
MNN is sent in clear between MR and HA.

The attached patch fixes this by adding IPsec policies to protect also
the traffic to and from the MNP.

Thank you for your patch. I have integrated it in the NEPL patch for UMIP 0.4 (with small modifications, see below) that is now available on http://www.nautilus6.org/doc/nepl-howto/


Regards,
Romain


diff -Nur trunk.common-mod/src/xfrm.c trunk.mr/src/xfrm.c
--- trunk.common-mod/src/xfrm.c	2007-10-15 17:54:32.000000000 +0900
+++ trunk.mr/src/xfrm.c	2007-10-16 11:59:58.000000000 +0900
[snip]
+	/* Loop for each HomeAddress info */
+	list_for_each(home, &conf_parsed->home_addrs)
[snip]
+	/* Loop for each HomeAddress info */
+	list_for_each(home, &conf_parsed->home_addrs)

I Changed "conf_parsed->" to "conf" (I suspect you built your patch on you previous patch about configuration reload capability).


diff -Nur trunk.common-mod/src/ha.c trunk.ha/src/ha.c
--- trunk.common-mod/src/ha.c	2007-10-15 17:54:32.000000000 +0900
+++ trunk.ha/src/ha.c	2007-10-15 17:45:35.000000000 +0900
[snip]
+ mnp = &(p->bce->mob_net_prefixes);

I removed the parenthesis as suggested by Yoshifuji-san.

Thanks again,
romain