Marco Berizzi wrote:
How are handled NAT-T packets (udp/4500) with these patches?
Instead of ESP packets you see the encapsulated UDP packets
on the netfilter hooks:
(none):~# ping 10.0.0.1 -c 1
PING 10.0.0.1 (10.0.0.1): 56 data bytes
OUTPUT IN= OUT=eth0 SRC=10.0.0.2 DST=10.0.0.1 LEN=84
How are handled NAT-T packets (udp/4500) with these patches?
Patrick McHardy wrote:
On Fri, 11 Nov 2005, Gerd v. Egidy wrote:
Hi,
This is the latest set patches for netfilter IPsec support.
The use of netif_rx for the innermost SA if it used transport
mode has been replaced by explicit
On Fri, 11 Nov 2005, Gerd v. Egidy wrote:
Hi,
This is the latest set patches for netfilter IPsec support.
The use of netif_rx for the innermost SA if it used transport
mode has been replaced by explicit NF_HOOK calls in
xfrm{4,6}_input.c.
Could you please describe the solution you
From: Patrick McHardy [EMAIL PROTECTED]
Date: Fri, 11 Nov 2005 04:18:52 +0100
This is the latest set patches for netfilter IPsec support.
The use of netif_rx for the innermost SA if it used transport
mode has been replaced by explicit NF_HOOK calls in
xfrm{4,6}_input.c.
Note that I consider