ims-volte-vowifi
/
strongswan
9
0
Fork 0
Code Pull Requests Releases Activity

kernel-netlink: Pass zero mark to kernel if mask is set 

The kernel will apply the mask to the mark on the packet and then
compare it to the configured mark.  So to match only unmarked packets we
have to be able to set 0/0xffffffff.
This commit is contained in:
Tobias Brunner 2016-08-29 16:39:18 +02:00
parent ac9759a532
commit 33d3ffde25
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.c
View File

@ -1245,7 +1245,7 @@ METHOD(kernel_ipsec_t, get_cpi, status_t,
*/
static void format_mark(char *buf, int buflen, mark_t mark)
{
if (mark.value)
if (mark.value | mark.mask)
{
snprintf(buf, buflen, " (mark %u/0x%08x)", mark.value, mark.mask);
}
@ -1256,7 +1256,7 @@ static void format_mark(char *buf, int buflen, mark_t mark)
*/
static bool add_mark(struct nlmsghdr *hdr, int buflen, mark_t mark)
{
if (mark.value)
if (mark.value | mark.mask)
{
struct xfrm_mark *xmrk;