From mboxrd@z Thu Jan  1 00:00:00 1970
From: David Miller <davem@davemloft.net>
Subject: Re: [PATCHv2 net] {pktgen, xfrm} Update IPv4 header total len and
 checksum after tranformation
Date: Sun, 01 Dec 2013 20:35:17 -0500 (EST)
Message-ID: <20131201.203517.997917100259265918.davem@davemloft.net>
References: <1385886528-9882-1-git-send-email-fan.du@windriver.com>
Mime-Version: 1.0
Content-Type: Text/Plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Cc: steffen.klassert@secunet.com, netdev@vger.kernel.org
To: fan.du@windriver.com
Return-path: <netdev-owner@vger.kernel.org>
Received: from shards.monkeyblade.net ([149.20.54.216]:45433 "EHLO
	shards.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1752562Ab3LBBfS (ORCPT
	<rfc822;netdev@vger.kernel.org>); Sun, 1 Dec 2013 20:35:18 -0500
In-Reply-To: <1385886528-9882-1-git-send-email-fan.du@windriver.com>
Sender: netdev-owner@vger.kernel.org
List-ID: <netdev.vger.kernel.org>

From: Fan Du <fan.du@windriver.com>
Date: Sun, 1 Dec 2013 16:28:48 +0800

> commit a553e4a6317b2cfc7659542c10fe43184ffe53da ("[PKTGEN]: IPSEC support")
> tried to support IPsec ESP transport transformation for pktgen, but acctually
> this doesn't work at all for two reasons(The orignal transformed packet has
> bad IPv4 checksum value, as well as wrong auth value, reported by wireshark)
> 
> - After transpormation, IPv4 header total length needs update,
>   because encrypted payload's length is NOT same as that of plain text.
> 
> - After transformation, IPv4 checksum needs re-caculate because of payload
>   has been changed.
> 
> With this patch, armmed pktgen with below cofiguration, Wireshark is able to
> decrypted ESP packet generated by pktgen without any IPv4 checksum error or
> auth value error.
> 
> pgset "flag IPSEC"
> pgset "flows 1"
> 
> Signed-off-by: Fan Du <fan.du@windriver.com>

Applied and queued up for -stable, thanks.