From: Martin Willi <martin@strongswan.org>
Date: Tue, 29 Sep 2009 08:43:47 +0000 (+0200)
Subject: Include ICMP traffic in sync tunnel
X-Git-Tag: 4.4.0~73
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=5a0a359b882b329a828069361dd4d54b5a13e284;p=thirdparty%2Fstrongswan.git

Include ICMP traffic in sync tunnel
---

diff --git a/src/charon/plugins/ha_sync/ha_sync_tunnel.c b/src/charon/plugins/ha_sync/ha_sync_tunnel.c
index e9848257ad..851054900e 100644
--- a/src/charon/plugins/ha_sync/ha_sync_tunnel.c
+++ b/src/charon/plugins/ha_sync/ha_sync_tunnel.c
@@ -234,9 +234,13 @@ static void setup_sync_tunnel(private_ha_sync_tunnel_t *this,
 
 	child_cfg = child_cfg_create("ha-sync", &lifetime, NULL, TRUE,
 						MODE_TRANSPORT, ACTION_NONE, ACTION_NONE, FALSE);
-	ts = traffic_selector_create_dynamic(0, HA_SYNC_PORT, HA_SYNC_PORT);
+	ts = traffic_selector_create_dynamic(IPPROTO_UDP, HA_SYNC_PORT, HA_SYNC_PORT);
 	child_cfg->add_traffic_selector(child_cfg, TRUE, ts);
-	ts = traffic_selector_create_dynamic(0, HA_SYNC_PORT, HA_SYNC_PORT);
+	ts = traffic_selector_create_dynamic(IPPROTO_ICMP, 0, 65535);
+	child_cfg->add_traffic_selector(child_cfg, TRUE, ts);
+	ts = traffic_selector_create_dynamic(IPPROTO_UDP, HA_SYNC_PORT, HA_SYNC_PORT);
+	child_cfg->add_traffic_selector(child_cfg, FALSE, ts);
+	ts = traffic_selector_create_dynamic(IPPROTO_ICMP, 0, 65535);
 	child_cfg->add_traffic_selector(child_cfg, FALSE, ts);
 	child_cfg->add_proposal(child_cfg, proposal_create_default(PROTO_ESP));
 	peer_cfg->add_child_cfg(peer_cfg, child_cfg);