kernel-netlink: add outer addresses to policy when using BEET mode
authorMichael Rossberg <michael.rossberg@tu-ilmenau.de>
Wed, 22 May 2013 07:55:46 +0000 (09:55 +0200)
committerMartin Willi <martin@revosec.ch>
Fri, 24 May 2013 13:09:47 +0000 (15:09 +0200)
src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c

index 58bce62..bfb8fa8 100644 (file)
@@ -2055,7 +2055,7 @@ static status_t add_policy_internal(private_kernel_netlink_ipsec_t *this,
                                                         policy->direction != POLICY_OUT;
                        tmpl->family = ipsec->src->get_family(ipsec->src);
 
-                       if (proto_mode == MODE_TUNNEL)
+                       if (proto_mode == MODE_TUNNEL || proto_mode == MODE_BEET)
                        {       /* only for tunnel mode */
                                host2xfrm(ipsec->src, &tmpl->saddr);
                                host2xfrm(ipsec->dst, &tmpl->id.daddr);