[Bug 228108] if_ipsec drops all the icmp v4&v6 error messages
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Fri May 11 16:51:16 UTC 2018
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=228108
--- Comment #5 from commit-hook at freebsd.org ---
A commit references this bug:
Author: ae
Date: Fri May 11 16:50:26 UTC 2018
New revision: 333497
URL: https://svnweb.freebsd.org/changeset/base/333497
Log:
Apply the change from r272770 to if_ipsec(4) interface.
It is guaranteed that if_ipsec(4) interface is used only for tunnel
mode IPsec, i.e. decrypted and decapsultaed packet has its own IP header.
Thus we can consider it as new packet and clear the protocols flags.
This allows ICMP/ICMPv6 properly handle errors that may cause this packet.
PR: 228108
MFC after: 1 week
Changes:
head/sys/net/if_ipsec.c
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-net
mailing list