This must be revisited - IKE/racoon breaks with 1.240.
racoon listens on port 500. packets for port 500 arrive at the interface
(tcpdump sees them), but racoon NEVER receives any packets for port 500
(debug/ktuss sees nothing).
Frank
On 02/10/18 09:17, Maxime Villard wrote:
Module Name: src
Committed By: maxv
Date: Sat Feb 10 08:17:00 UTC 2018
Modified Files:
src/sys/netinet: udp_usrreq.c
Log Message:
If the socket wants a ESP-over-UDP packet, and the packet is incorrect,
stop processing it instead of giving it to udp4_sendup. It just doesn't
make any sense not to drop it.
I was already telling myself this the other day when I visited this place,
but I just saw PR/36782 (11 years old) that suggests the exact same thing,
so fix it.
Now, udp4_espinudp always frees the mbuf, and is made void. The packet is
not processed any further afterwards.
To generate a diff of this commit:
cvs rdiff -u -r1.239 -r1.240 src/sys/netinet/udp_usrreq.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.