aboutsummaryrefslogtreecommitdiff
path: root/fs/generic_acl.c
diff options
context:
space:
mode:
authorNicolas Dichtel <nicolas.dichtel@6wind.com>2008-11-01 21:12:07 -0700
committerDavid S. Miller <davem@davemloft.net>2008-11-01 21:12:07 -0700
commit7e3a42a12c4b9d99bfe81cb929cadf0e08a37c49 (patch)
tree517e493ed8294cec73d6815f37db49c5f092f108 /fs/generic_acl.c
parente25cf4a6945e0f859186231be7164ba565412e0a (diff)
xfrm6: handling fragment
RFC4301 Section 7.1 says: "7.1. Tunnel Mode SAs that Carry Initial and Non-Initial Fragments All implementations MUST support tunnel mode SAs that are configured to pass traffic without regard to port field (or ICMP type/code or Mobility Header type) values. If the SA will carry traffic for specified protocols, the selector set for the SA MUST specify the port fields (or ICMP type/code or Mobility Header type) as ANY. An SA defined in this fashion will carry all traffic including initial and non-initial fragments for the indicated Local/Remote addresses and specified Next Layer protocol(s)." But for IPv6, fragment is treated as a protocol. This change catches protocol transported in fragmented packet. In IPv4, there is no problem. Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'fs/generic_acl.c')
0 files changed, 0 insertions, 0 deletions