kernel-pfkey: Add support for new policy priority class

author Tobias Brunner <tobias@strongswan.org>

Tue, 13 May 2014 10:19:41 +0000 (12:19 +0200)

committer Tobias Brunner <tobias@strongswan.org>

Thu, 19 Jun 2014 12:20:33 +0000 (14:20 +0200)
author Tobias Brunner <tobias@strongswan.org>
Tue, 13 May 2014 10:19:41 +0000 (12:19 +0200)
committer Tobias Brunner <tobias@strongswan.org>
Thu, 19 Jun 2014 12:20:33 +0000 (14:20 +0200)
diff --git a/src/libhydra/plugins/kernel_pfkey/kernel_pfkey_ipsec.c b/src/libhydra/plugins/kernel_pfkey/kernel_pfkey_ipsec.c

index 9bddb13..1037d99 100644 (file)
--- a/src/libhydra/plugins/kernel_pfkey/kernel_pfkey_ipsec.c
+++ b/src/libhydra/plugins/kernel_pfkey/kernel_pfkey_ipsec.c
@@ -135,8 +135,8 @@
  #define SOL_UDP IPPROTO_UDP
  #endif
  
-/** default priority of installed policies */
-#define PRIO_BASE 512
+/** base priority for installed policies */
+#define PRIO_BASE 384
  
  #ifdef __APPLE__
  /** from xnu/bsd/net/pfkeyv2.h */
@@ -583,6 +583,9 @@ static inline u_int32_t get_priority(policy_entry_t *policy,
                         priority <<= 1;
                         /* fall-through */
                 case POLICY_PRIORITY_DEFAULT:
+                       priority <<= 1;
+                       /* fall-trough */
+               case POLICY_PRIORITY_PASS:
                         break;
         }
         /* calculate priority based on selector size, small size = high prio */
author	Tobias Brunner <tobias@strongswan.org>
	Tue, 13 May 2014 10:19:41 +0000 (12:19 +0200)
committer	Tobias Brunner <tobias@strongswan.org>
	Thu, 19 Jun 2014 12:20:33 +0000 (14:20 +0200)