kernel-netlink: Pass zero mark to kernel if mask is set
authorTobias Brunner <tobias@strongswan.org>
Mon, 29 Aug 2016 14:39:18 +0000 (16:39 +0200)
committerTobias Brunner <tobias@strongswan.org>
Fri, 30 Sep 2016 13:35:32 +0000 (15:35 +0200)
commit33d3ffde25d5354ec36c26b764ab36179ef0fb34
treeb8c92f96ff119f7b45218b549a4a023568df342c
parentac9759a53270bfdb26ff73226209ee290320c4d5
kernel-netlink: Pass zero mark to kernel if mask is set

The kernel will apply the mask to the mark on the packet and then
compare it to the configured mark.  So to match only unmarked packets we
have to be able to set 0/0xffffffff.
src/libcharon/plugins/kernel_netlink/kernel_netlink_ipsec.c