Code Review / vpp.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: 8c77c19) | patch
ipsec: fix missing udp port check 28/40928/8
authorFan Zhang <[email protected]>
Fri, 24 May 2024 15:46:00 +0000 (16:46 +0100)
committerBeno�t Ganne <[email protected]>
Tue, 4 Jun 2024 12:44:53 +0000 (12:44 +0000)
commite7901e88302e8db99a6d02eff19daff785207691
tree6ce2b6f1325f6c1cfb6e4302e02350a6ff64f34atree | snapshot
parent8c77c1930abd36150edadcf523eceef7810e6487commit | diff
ipsec: fix missing udp port check

Type: fix

This patch fixes the missing UDP port check in IPsec NAT-T
case. As of RFC3948 UDP encapped ESP traffic should have
destination port ID of 4500, which was missing.

The related tests are updated with this port ID, too.

Change-Id: I73ecc6a93de8d0f4b642313b0f4d9c2f214a7790
Signed-off-by: Fan Zhang <[email protected]>
src/vnet/ipsec/ipsec_input.c diff | blob | history
test/template_ipsec.py diff | blob | history
test/test_ipsec_spd_flow_cache_input.py diff | blob | history
Vector Packet Processing