Hi.

On Wed, Sep 05, 2012 at 03:02:20PM +0200, Andreas Longwitz wrote:
[...]
> The last patch makes it possible for a transport mode client to open a
> new connection to the server immediately after closing an old
> connection. Without this patch the client must wait for the routers to
> forget all their NAT entries.
>
> @@ -4065,10 +4084,12 @@ > /* > * If NAT-T is enabled, check ports for tunnel mode. > * Do not check ports if they are set to zero in the SPD. > - * Also do not do it for transport mode, as there is no > + * Also do not do it for native transport mode, as there is no > * port information available in the SP. > */ > - if (saidx1->mode == IPSEC_MODE_TUNNEL && > + if ((saidx1->mode == IPSEC_MODE_TUNNEL || > + (saidx1->mode == IPSEC_MODE_TRANSPORT && > + saidx1->proto == IPPROTO_ESP)) && > saidx1->src.sa.sa_family == AF_INET && > saidx1->dst.sa.sa_family == AF_INET && > ((const struct sockaddr_in *)(&saidx1->src))->sin_port &&
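
Review bot: The updated comment says ports are not checked for "native transport mode", but the new condition selects transport-mode SAs with `saidx1->proto == IPPROTO_ESP`, which is also true for ESP transport mode without NAT-T. As far as the visible lines show, such SAs are only kept out of the port comparison by the non-zero `sin_port` test that follows, so the comment should state that dependency explicitly and define what "native" means here. It would also help to say in the comment why transport-mode SAs of other protocols are left out of the port check.
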
Sorry for the delay, I just committed it on HEAD. Thanks for the patch, I'll try to take time to have a look at your other patches/issues ASAP, feel free to send updated versions, mail me, etc.

Yvan.
