[Openswan dev] [PATCH] klips + nat-t on 2.6.23

Paul Wouters paul at xelerance.com
Thu Nov 8 21:14:02 EST 2007


On Fri, 9 Nov 2007, David McCullough wrote:

> Here a patch for 2.6.23 that should give you working nat-t.
> I have done some limited testing,  all seems to be working.
> Let me know if you have any problems,

I'll have a look at it, but I don't think it is what we wanted.

We wanted to hook into xfrm4_input without requiring to modify
udp.c as you did. Similar to pppol2tp. That way, people can
compile klips as module without requiring to recompile the
entire kernel.

We did preliminary work for #testing, but we need to pass
the new icotl from pluto to the kernel to mark the socket
as an encap socket.

Though I guess this patch works against 2.6.23, so I'll
verify and put the patch up on the ftp server.

Thanks!

Paul


More information about the Dev mailing list