kernel-netlink: Add support for new policy priority class

author Tobias Brunner <tobias@strongswan.org>

Tue, 13 May 2014 10:17:09 +0000 (12:17 +0200)

committer Tobias Brunner <tobias@strongswan.org>

Thu, 19 Jun 2014 12:20:33 +0000 (14:20 +0200)
author Tobias Brunner <tobias@strongswan.org>
Tue, 13 May 2014 10:17:09 +0000 (12:17 +0200)
committer Tobias Brunner <tobias@strongswan.org>
Thu, 19 Jun 2014 12:20:33 +0000 (14:20 +0200)
diff --git a/src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c b/src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c

index 1e250d0..8642b8c 100644 (file)
--- a/src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c
+++ b/src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c
@@ -70,8 +70,8 @@
  #define SOL_UDP IPPROTO_UDP
  #endif
  
-/** Default priority of installed policies */
-#define PRIO_BASE 512
+/** Base priority for installed policies */
+#define PRIO_BASE 384
  
  /** Default lifetime of an acquire XFRM state (in seconds) */
  #define DEFAULT_ACQUIRE_LIFETIME 165
@@ -606,6 +606,9 @@ static inline u_int32_t get_priority(policy_entry_t *policy,
                         priority <<= 1;
                         /* fall-through */
                 case POLICY_PRIORITY_DEFAULT:
+                       priority <<= 1;
+                       /* fall-through */
+               case POLICY_PRIORITY_PASS:
                         break;
         }
         /* calculate priority based on selector size, small size = high prio */
author	Tobias Brunner <tobias@strongswan.org>
	Tue, 13 May 2014 10:17:09 +0000 (12:17 +0200)
committer	Tobias Brunner <tobias@strongswan.org>
	Thu, 19 Jun 2014 12:20:33 +0000 (14:20 +0200)