lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 17 Jul 2007 18:00:19 +0200 From: Patrick McHardy <kaber@...sh.net> To: joakim.koskela@...t.fi CC: netdev@...r.kernel.org, David Miller <davem@...emloft.net> Subject: Re: [PATCH net-2.6.22-rc7] xfrm beet interfamily support Joakim Koskela wrote: > On Monday 16 July 2007 21:47:40 Patrick McHardy wrote: > >>>diff --git a/net/ipv4/xfrm4_output.c b/net/ipv4/xfrm4_output.c >>>index 44ef208..8db7910 100644 >>>--- a/net/ipv4/xfrm4_output.c >>>+++ b/net/ipv4/xfrm4_output.c >>>@@ -53,7 +53,8 @@ static int xfrm4_output_one(struct sk_buff *skb) >>> goto error_nolock; >>> } >>> >>>- if (x->props.mode == XFRM_MODE_TUNNEL) { >>>+ if (x->props.mode == XFRM_MODE_TUNNEL || >>>+ x->props.mode == XFRM_MODE_BEET) { >>> err = xfrm4_tunnel_check_size(skb); >> >>Its not a real tunnel and all packets are generated locally, why >>does it need to send ICMPs? > > > Guess not. I'll have to still trace through, but can probably be removed. Just FYI: it does make a difference with netfilter since packets may be NATed to match a policy, but thats a more general problem that also affects transport mode and should be dealt with within netfilter, possibly by propagating PMTU values amonst dst_entries. - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists