* [PATCH] SIT tunnels over IPsec
@ 2004-01-16 18:38 Michal Ludvig
2004-01-20 5:19 ` David S. Miller
0 siblings, 1 reply; 2+ messages in thread
From: Michal Ludvig @ 2004-01-16 18:38 UTC (permalink / raw)
To: David S. Miller; +Cc: netdev, linux-kernel
[-- Attachment #1: Type: text/plain, Size: 415 bytes --]
Hi!
The attached patch fixes IPv6-in-IPv4 (SIT) tunnel over IPsec. Without
it the SIT packets originated from the same host as the IPsec endpoint
is leave the interface unencrypted and of course the tunnel doesn't
work. The patch fixes it. Tested.
Please apply.
Thanks,
Michal Ludvig
--
* A mouse is a device used to point at the xterm you want to type in.
* Personal homepage - http://www.logix.cz/michal
[-- Attachment #2: kernel-sit.diff --]
[-- Type: text/plain, Size: 856 bytes --]
--- linux-2.6.1.orig/net/ipv6/sit.c 2004-01-09 08:00:03.000000000 +0100
+++ linux-2.6.1/net/ipv6/sit.c 2004-01-16 09:51:13.000000000 +0100
@@ -485,7 +485,8 @@ static int ipip6_tunnel_xmit(struct sk_b
{ .daddr = dst,
.saddr = tiph->saddr,
.tos = RT_TOS(tos) } },
- .oif = tunnel->parms.link };
+ .oif = tunnel->parms.link,
+ .proto = IPPROTO_IPV6 };
if (ip_route_output_key(&rt, &fl)) {
tunnel->stat.tx_carrier_errors++;
goto tx_error_icmp;
@@ -757,7 +758,8 @@ static int ipip6_tunnel_init(struct net_
{ .daddr = iph->daddr,
.saddr = iph->saddr,
.tos = RT_TOS(iph->tos) } },
- .oif = tunnel->parms.link };
+ .oif = tunnel->parms.link,
+ .proto = IPPROTO_IPV6 };
struct rtable *rt;
if (!ip_route_output_key(&rt, &fl)) {
tdev = rt->u.dst.dev;
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2004-01-20 5:27 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2004-01-16 18:38 [PATCH] SIT tunnels over IPsec Michal Ludvig
2004-01-20 5:19 ` David S. Miller
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.