On Thu, Dec 21, 2017 at 05:32:24PM +0100, Tobias Brunner wrote: > If SNAT modifies the source address the resulting packet might match > an IPsec policy, reinject the packet if that's the case. > > The exact same thing is already done for IPv4.
Right, this was forgotten when IPv6 got NAT support. Acked-by: Steffen Klassert <[email protected]> Thanks!
