From: Herbert Xu <[EMAIL PROTECTED]> Date: Wed, 17 Oct 2007 23:26:02 +0800
> On Wed, Oct 17, 2007 at 10:34:19PM +0800, Herbert Xu wrote: > > [IPSEC]: Rename mode to outer_mode and add inner_mode > > Oops. This patch is missing two files. Here is the correct > version. > > Cheers, > -- > Visit Openswan at http://www.openswan.org/ > Email: Herbert Xu ~{PmV>HI~} <[EMAIL PROTECTED]> > Home Page: http://gondor.apana.org.au/~herbert/ > PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt > -- > [IPSEC]: Rename mode to outer_mode and add inner_mode > > This patch adds a new field to xfrm states called inner_mode. The existing > mode object is renamed to outer_mode. > > This is the first part of an attempt to fix inter-family transforms. As it > is we always use the outer family when determining which mode to use. As a > result we may end up shoving IPv4 packets into netfilter6 and vice versa. > > What we really want is to use the inner family for the first part of outbound > processing and the outer family for the second part. For inbound processing > we'd use the opposite pairing. > > I've also added a check to prevent silly combinations such as transport mode > with inter-family transforms. > > Signed-off-by: Herbert Xu <[EMAIL PROTECTED]> Applied, thanks Herbert. - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
