This must be revisited - IKE/racoon breaks with 1.240.
racoon listens on port 500. packets for port 500 arrive at the interface (tcpdump sees them), but racoon NEVER receives any packets for port 500 (debug/ktuss sees nothing).


Frank

On 02/10/18 09:17, Maxime Villard wrote:
Module Name:    src
Committed By:   maxv
Date:           Sat Feb 10 08:17:00 UTC 2018

Modified Files:
        src/sys/netinet: udp_usrreq.c

Log Message:
If the socket wants a ESP-over-UDP packet, and the packet is incorrect,
stop processing it instead of giving it to udp4_sendup. It just doesn't
make any sense not to drop it.

I was already telling myself this the other day when I visited this place,
but I just saw PR/36782 (11 years old) that suggests the exact same thing,
so fix it.

Now, udp4_espinudp always frees the mbuf, and is made void. The packet is
not processed any further afterwards.


To generate a diff of this commit:
cvs rdiff -u -r1.239 -r1.240 src/sys/netinet/udp_usrreq.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Reply via email to