Enable UDP decapsulation for both address families

author Tobias Brunner <tobias@strongswan.org>

Thu, 16 Aug 2012 13:26:37 +0000 (15:26 +0200)

committer Tobias Brunner <tobias@strongswan.org>

Thu, 16 Aug 2012 13:26:37 +0000 (15:26 +0200)
author Tobias Brunner <tobias@strongswan.org>
Thu, 16 Aug 2012 13:26:37 +0000 (15:26 +0200)
committer Tobias Brunner <tobias@strongswan.org>
Thu, 16 Aug 2012 13:26:37 +0000 (15:26 +0200)
diff --git a/src/libcharon/plugins/socket_default/socket_default_socket.c b/src/libcharon/plugins/socket_default/socket_default_socket.c

index c2b0734188dbf7696814bee3d031a9163b2bc958..8ab5a8cf33425896c08346ecf06d4a31492fa38b 100644 (file)
--- a/src/libcharon/plugins/socket_default/socket_default_socket.c
+++ b/src/libcharon/plugins/socket_default/socket_default_socket.c
@@ -534,6 +534,15 @@ static int open_socket(private_socket_default_socket_t *this,
         {
                 DBG1(DBG_NET, "installing IKE bypass policy failed");
         }
+
+       /* enable UDP decapsulation for NAT-T sockets */
+       if (port == &this->natt &&
+               !hydra->kernel_interface->enable_udp_decap(hydra->kernel_interface,
+                                                                                                  skt, family, this->natt))
+       {
+               DBG1(DBG_NET, "enabling UDP decapsulation failed");
+       }
+
         return skt;
  }
  
@@ -630,13 +639,6 @@ socket_default_socket_t *socket_default_socket_create()
                 return NULL;
         }
  
-       /* enable UDP decapsulation globally, only for one socket needed */
-       if (!hydra->kernel_interface->enable_udp_decap(hydra->kernel_interface,
-                                                       this->ipv6_natt ?: this->ipv4_natt,
-                                                       this->ipv6_natt ? AF_INET6 : AF_INET, this->natt))
-       {
-               DBG1(DBG_NET, "enabling UDP decapsulation failed");
-       }
         return &this->public;
  }
  
diff --git a/src/libcharon/plugins/socket_raw/socket_raw_socket.c b/src/libcharon/plugins/socket_raw/socket_raw_socket.c

index 1b3c9e12635486f3e85fc8aca9b653ca734b5281..e6d1e4d2f48810158fa661fe2f28883d8133b6fd 100644 (file)
--- a/src/libcharon/plugins/socket_raw/socket_raw_socket.c
+++ b/src/libcharon/plugins/socket_raw/socket_raw_socket.c
@@ -459,8 +459,8 @@ static int open_send_socket(private_socket_raw_socket_t *this,
                 DBG1(DBG_NET, "installing bypass policy on send socket failed");
         }
  
-       /* enable UDP decapsulation globally, only for one socket needed */
-       if (family == AF_INET && port == CHARON_NATT_PORT &&
+       /* enable UDP decapsulation for NAT-T sockets */
+       if (port == CHARON_NATT_PORT &&
                 !hydra->kernel_interface->enable_udp_decap(hydra->kernel_interface,
                                                                                                    skt, family, port))
         {
author	Tobias Brunner <tobias@strongswan.org>
	Thu, 16 Aug 2012 13:26:37 +0000 (15:26 +0200)
committer	Tobias Brunner <tobias@strongswan.org>
	Thu, 16 Aug 2012 13:26:37 +0000 (15:26 +0200)
src/libcharon/plugins/socket_default/socket_default_socket.c		patch \| blob \| blame \| history
src/libcharon/plugins/socket_raw/socket_raw_socket.c		patch \| blob \| blame \| history