diff options
author | Nicolas Dichtel <nicolas.dichtel@6wind.com> | 2008-11-01 21:12:07 -0700 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2008-11-01 21:12:07 -0700 |
commit | 7e3a42a12c4b9d99bfe81cb929cadf0e08a37c49 (patch) | |
tree | 517e493ed8294cec73d6815f37db49c5f092f108 /fs/generic_acl.c | |
parent | e25cf4a6945e0f859186231be7164ba565412e0a (diff) |
xfrm6: handling fragment
RFC4301 Section 7.1 says:
"7.1. Tunnel Mode SAs that Carry Initial and Non-Initial Fragments
All implementations MUST support tunnel mode SAs that are configured
to pass traffic without regard to port field (or ICMP type/code or
Mobility Header type) values. If the SA will carry traffic for
specified protocols, the selector set for the SA MUST specify the
port fields (or ICMP type/code or Mobility Header type) as ANY. An
SA defined in this fashion will carry all traffic including initial
and non-initial fragments for the indicated Local/Remote addresses
and specified Next Layer protocol(s)."
But for IPv6, fragment is treated as a protocol. This change catches
protocol transported in fragmented packet. In IPv4, there is no
problem.
Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'fs/generic_acl.c')
0 files changed, 0 insertions, 0 deletions