On 03/19/10 14:53, Ermal Luçi wrote:
Shouldn't this check be if (m->m_len> sizeof (struct ip)) { instead of if (m->m_len< sizeof (struct ip)) {in http://fxr.watson.org/fxr/source/netipsec/ipsec.c?im=excerpts#L595
You're right (only '>' should be '>=' here, perhaps?). This change fixed my problem with natted ipsec when UDP NATT port 4500 sometimes turned into garbage in socket's security policies. After I applied this fix, ports are correct. _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
