check whether the packet is tunnel mode. reported from <larse@ISI.EDU>
Obtained from: KAME
This commit is contained in:
parent
4c4f66db72
commit
f09a94dbe3
@ -3148,6 +3148,8 @@ ipsec4_tunnel_validate(ip, nxt0, sav)
|
||||
|
||||
if (nxt != IPPROTO_IPV4)
|
||||
return 0;
|
||||
if (sav->sah->saidx.mode != IPSEC_MODE_TUNNEL)
|
||||
return 0;
|
||||
#ifdef _IP_VHL
|
||||
hlen = _IP_VHL_HL(ip->ip_vhl) << 2;
|
||||
#else
|
||||
@ -3186,6 +3188,8 @@ ipsec6_tunnel_validate(ip6, nxt0, sav)
|
||||
|
||||
if (nxt != IPPROTO_IPV6)
|
||||
return 0;
|
||||
if (sav->sah->saidx.mode != IPSEC_MODE_TUNNEL)
|
||||
return 0;
|
||||
switch (((struct sockaddr *)&sav->sah->saidx.dst)->sa_family) {
|
||||
case AF_INET6:
|
||||
sin6 = ((struct sockaddr_in6 *)&sav->sah->saidx.dst);
|
||||
|
Loading…
Reference in New Issue
Block a user