1. 02 Nov, 2008 1 commit
    • Nicolas Dichtel's avatar
      xfrm6: handling fragment · 7e3a42a1
      Nicolas Dichtel authored
      RFC4301 Section 7.1 says:
      
      "7.1.  Tunnel Mode SAs that Carry Initial and Non-Initial Fragments
      
           All implementations MUST support tunnel mode SAs that are configured
           to pass traffic without regard to port field (or ICMP type/code or
           Mobility Header type) values.  If the SA will carry traffic for
           specified protocols, the selector set for the SA MUST specify the
           port fields (or ICMP type/code or Mobility Header type) as ANY.  An
           SA defined in this fashion will carry all traffic including initial
           and non-initial fragments for the indicated Local/Remote addresses
           and specified Next Layer protocol(s)."
      
      But for IPv6, fragment is treated as a protocol.  This change catches
      protocol transported in fragmented packet.  In IPv4, there is no
      problem.
      Signed-off-by: default avatarNicolas Dichtel <nicolas.dichtel@6wind.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      7e3a42a1
  2. 31 Oct, 2008 39 commits