Bug 3708 - неправильная работа с интерфейсами ipsec_tunnel
: неправильная работа с интерфейсами ipsec_tunnel
Status: CLOSED FIXED
: Sisyphus
(All bugs in Sisyphus/iproute2)
: unstable
: all Linux
: P2 minor
Assigned To:
:
:
:
:
:
  Show dependency tree
 
Reported: 2004-02-17 16:37 by
Modified: 2009-05-10 09:32 (History)


Attachments
нормальная обработка ipsec_tunnel (1.47 KB, patch)
2004-02-17 16:46, Denis Ovsienko
no flags Details | Diff


Note

You need to log in before you can comment on or make changes to this bug.


Description From 2004-02-17 16:37:16
Вот, к примеру, интерфейс:

3: ipsec0@NONE: <NOARP> mtu 1480 qdisc noop
    link/[31] 00:00:00:00 brd 00:00:00:00
8: ipsectun0@NONE: <POINTOPOINT,NOARP,UP> mtu 1418 qdisc noqueue
    link/[31] d4:2a:40:13 peer d4:5a:7c:2a
    inet 10.0.0.1 peer 10.0.0.2/32 scope global ipsectun0

Link-level address такой странный, потому что ip неизвестен ARP hardware type
31. Код 31 закреплён за IPSec tunnel mode, но ни в заголовках ядра, ни в коде
iproute2 он не встречается, хотя есть определения для протоколов ESP и AH. Если
приложить патч, то неудобство исчезает:

3: ipsec0@NONE: <NOARP> mtu 1480 qdisc noop
    link/ipsectun 0.0.0.0 brd 0.0.0.0
8: ipsectun0@NONE: <POINTOPOINT,NOARP,UP> mtu 1418 qdisc noqueue
    link/ipsectun 212.42.64.19 peer 212.90.124.42
    inet 10.0.0.1 peer 10.0.0.2/32 scope global ipsectun0

Патч идёт прицепом.
------- Comment #1 From 2004-02-17 16:37:57 -------
diff -urN iproute2.altpatches/include/utils.h
iproute2.altpatches.ipsec/include/utils.h
--- iproute2.altpatches/include/utils.h	2002-01-08 21:41:16 +0200
+++ iproute2.altpatches.ipsec/include/utils.h	2004-02-17 15:12:47 +0200
@@ -22,6 +22,9 @@
 #ifndef IPPROTO_AH
 #define IPPROTO_AH	51
 #endif
+#ifndef ARPHRD_IPSECTUN
+#define ARPHRD_IPSECTUN 31 /* IPSec tunneled mode */
+#endif
 
 #define SPRINT_BSIZE 64
 #define SPRINT_BUF(x)	char x[SPRINT_BSIZE]
diff -urN iproute2.altpatches/lib/ll_addr.c iproute2.altpatches.ipsec/lib/ll_addr.c
--- iproute2.altpatches/lib/ll_addr.c	2004-02-17 15:06:50 +0200
+++ iproute2.altpatches.ipsec/lib/ll_addr.c	2004-02-17 15:09:33 +0200
@@ -33,7 +33,7 @@
 	int l;
 
 	if (alen == 4 &&
-	    (type == ARPHRD_TUNNEL || type == ARPHRD_SIT || type == ARPHRD_IPGRE)) {
+	    (type == ARPHRD_TUNNEL || type == ARPHRD_SIT || type == ARPHRD_IPGRE ||
type == ARPHRD_IPSECTUN)) {
 		return inet_ntop(AF_INET, addr, buf, blen);
 	}
 	l = 0;
diff -urN iproute2.altpatches/lib/ll_types.c
iproute2.altpatches.ipsec/lib/ll_types.c
--- iproute2.altpatches/lib/ll_types.c	2004-02-17 15:06:50 +0200
+++ iproute2.altpatches.ipsec/lib/ll_types.c	2004-02-17 15:08:56 +0200
@@ -52,6 +52,8 @@
 #ifdef ARPHRD_IEEE1394
 __PF(IEEE1394,ieee1394)
 #endif
+#define ARPHRD_IPSECTUN 31 /* IPSec tunneled mode */
+__PF(IPSECTUN,ipsectun)
 
 __PF(SLIP,slip)
 __PF(CSLIP,cslip)
------- Comment #2 From 2004-02-17 16:41:34 -------
Так, это не тот файл...
------- Comment #3 From 2004-02-17 16:43:54 -------
diff -urN iproute2.altpatches/include/utils.h
iproute2.altpatches.ipsec/include/utils.h
--- iproute2.altpatches/include/utils.h	2002-01-08 21:41:16 +0200
+++ iproute2.altpatches.ipsec/include/utils.h	2004-02-17 15:12:47 +0200
@@ -22,6 +22,9 @@
 #ifndef IPPROTO_AH
 #define IPPROTO_AH	51
 #endif
+#ifndef ARPHRD_IPSECTUN
+#define ARPHRD_IPSECTUN 31 /* IPSec tunneled mode */
+#endif
 
 #define SPRINT_BSIZE 64
 #define SPRINT_BUF(x)	char x[SPRINT_BSIZE]
diff -urN iproute2.altpatches/lib/ll_addr.c iproute2.altpatches.ipsec/lib/ll_addr.c
--- iproute2.altpatches/lib/ll_addr.c	2004-02-17 15:06:50 +0200
+++ iproute2.altpatches.ipsec/lib/ll_addr.c	2004-02-17 15:09:33 +0200
@@ -33,7 +33,7 @@
 	int l;
 
 	if (alen == 4 &&
-	    (type == ARPHRD_TUNNEL || type == ARPHRD_SIT || type == ARPHRD_IPGRE)) {
+	    (type == ARPHRD_TUNNEL || type == ARPHRD_SIT || type == ARPHRD_IPGRE ||
type == ARPHRD_IPSECTUN)) {
 		return inet_ntop(AF_INET, addr, buf, blen);
 	}
 	l = 0;
diff -urN iproute2.altpatches/lib/ll_types.c
iproute2.altpatches.ipsec/lib/ll_types.c
--- iproute2.altpatches/lib/ll_types.c	2004-02-17 15:06:50 +0200
+++ iproute2.altpatches.ipsec/lib/ll_types.c	2004-02-17 15:41:55 +0200
@@ -23,6 +23,7 @@
 #include <linux/netdevice.h>
 #include <linux/if_arp.h>
 #include <linux/sockios.h>
+#include "utils.h"
 
 char * ll_type_n2a(int type, char *buf, int len)
 {
@@ -52,6 +53,7 @@
 #ifdef ARPHRD_IEEE1394
 __PF(IEEE1394,ieee1394)
 #endif
+__PF(IPSECTUN,ipsectun)
 
 __PF(SLIP,slip)
 __PF(CSLIP,cslip)
------- Comment #4 From 2004-02-17 16:46:24 -------
Created an attachment (id=349) [details]
нормальная обработка ipsec_tunnel
------- Comment #5 From 2004-02-17 16:47:28 -------
наконец-то нашёл ссылку для аттачей :)
------- Comment #6 From 2004-05-02 00:31:04 -------
Thanks, applied in -alt5.