On Thu, Dec 21, 2017 at 05:32:24PM +0100, Tobias Brunner wrote:
> If SNAT modifies the source address the resulting packet might match
> an IPsec policy, reinject the packet if that's the case.
>
> The exact same thing is already done for IPv4.
Right, this was forgotten when IPv6 got NAT support.
If SNAT modifies the source address the resulting packet might match
an IPsec policy, reinject the packet if that's the case.
The exact same thing is already done for IPv4.
Signed-off-by: Tobias Brunner
---
net/ipv6/ip6_output.c | 8
1 file changed, 8 insertions(+)
diff --git a/net/ip
