kernel-utun: start traffic forwarding after enabling crypto on utun

author Martin Willi <martin@revosec.ch>

Mon, 15 Apr 2013 13:33:36 +0000 (15:33 +0200)

committer Martin Willi <martin@revosec.ch>

Thu, 18 Apr 2013 12:43:56 +0000 (14:43 +0200)
author Martin Willi <martin@revosec.ch>
Mon, 15 Apr 2013 13:33:36 +0000 (15:33 +0200)
committer Martin Willi <martin@revosec.ch>
Thu, 18 Apr 2013 12:43:56 +0000 (14:43 +0200)
diff --git a/src/libhydra/plugins/kernel_utun/kernel_utun_ipsec.c b/src/libhydra/plugins/kernel_utun/kernel_utun_ipsec.c

index 644c686625037cc79ff40087ce9df53e95818f22..cae226d444878fb45547167bfb98172f3a72142a 100644 (file)
--- a/src/libhydra/plugins/kernel_utun/kernel_utun_ipsec.c
+++ b/src/libhydra/plugins/kernel_utun/kernel_utun_ipsec.c
@@ -87,6 +87,13 @@ static bool enable_crypto(tun_device_t *tun)
                          tun->get_name(tun), strerror(errno));
                 return FALSE;
         }
+       if (setsockopt(tun->get_fd(tun), SYSPROTO_CONTROL,
+                                  UTUN_OPT_START_CRYPTO_DATA_TRAFFIC, &args, sizeof(args)) < 0)
+       {
+               DBG1(DBG_KNL, "starting crypto traffic on %s failed: %s",
+                        tun->get_name(tun), strerror(errno));
+               return FALSE;
+       }
         return TRUE;
  }
author	Martin Willi <martin@revosec.ch>
	Mon, 15 Apr 2013 13:33:36 +0000 (15:33 +0200)
committer	Martin Willi <martin@revosec.ch>
	Thu, 18 Apr 2013 12:43:56 +0000 (14:43 +0200)