1 diff -Nurb linux-1-11/include/net/sock.h linux/include/net/sock.h
2 --- linux-1-11/include/net/sock.h 2004-11-18 09:55:07.377211480 +0100
3 +++ linux/include/net/sock.h 2004-11-18 09:55:43.605703912 +0100
9 +#define UDP_OPT_IN_SOCK 1
16 int tcp_header_len; /* Bytes of tcp header to send */
19 #if defined(CONFIG_SPX) || defined (CONFIG_SPX_MODULE)
20 struct spx_opt af_spx;
21 #endif /* CONFIG_SPX */
23 + struct udp_opt af_udp;
28 diff -Nurb linux-1-11/net/Config.in linux/net/Config.in
29 --- linux-1-11/net/Config.in 2004-11-18 09:55:07.545185944 +0100
30 +++ linux/net/Config.in 2004-11-18 09:55:43.627700568 +0100
32 tristate 'Packet Generator (USE WITH CAUTION)' CONFIG_NET_PKTGEN
35 +bool 'IPSEC NAT-Traversal' CONFIG_IPSEC_NAT_TRAVERSAL
38 diff -Nurb linux-1-11/net/ipv4/udp.c linux/net/ipv4/udp.c
39 --- linux-1-11/net/ipv4/udp.c 2004-11-18 09:55:07.958123168 +0100
40 +++ linux/net/ipv4/udp.c 2004-11-18 09:55:43.638698896 +0100
43 static int udp_queue_rcv_skb(struct sock * sk, struct sk_buff *skb)
45 +#ifdef CONFIG_IPSEC_NAT_TRAVERSAL
46 + struct udp_opt *tp = &(sk->tp_pinfo.af_udp);
49 * Charge it to the socket, dropping if the queue is full.
55 +#ifdef CONFIG_IPSEC_NAT_TRAVERSAL
56 + if (tp->esp_in_udp) {
58 + * Set skb->sk and xmit packet to ipsec_rcv.
60 + * If ret != 0, ipsec_rcv refused the packet (not ESPinUDP),
61 + * restore skb->sk and fall back to sock_queue_rcv_skb
63 + struct inet_protocol *esp = NULL;
65 +#if defined(CONFIG_IPSEC) && !defined(CONFIG_IPSEC_MODULE)
66 + /* optomize only when we know it is statically linked */
67 + extern struct inet_protocol esp_protocol;
68 + esp = &esp_protocol;
70 + for (esp = (struct inet_protocol *)inet_protos[IPPROTO_ESP & (MAX_INET_PROTOS - 1)];
71 + (esp) && (esp->protocol != IPPROTO_ESP);
75 + if (esp && esp->handler) {
76 + struct sock *sav_sk = skb->sk;
78 + if (esp->handler(skb) == 0) {
80 + /*not sure we might count ESPinUDP as UDP...*/
81 + UDP_INC_STATS_BH(UdpInDatagrams);
89 if (sock_queue_rcv_skb(sk,skb)<0) {
90 UDP_INC_STATS_BH(UdpInErrors);
91 IP_INC_STATS_BH(IpInDiscards);
92 @@ -1044,13 +1081,49 @@
96 +static int udp_setsockopt(struct sock *sk, int level, int optname,
97 + char *optval, int optlen)
99 + struct udp_opt *tp = &(sk->tp_pinfo.af_udp);
103 + if (level != SOL_UDP)
104 + return ip_setsockopt(sk, level, optname, optval, optlen);
106 + if(optlen<sizeof(int))
109 + if (get_user(val, (int *)optval))
115 +#ifdef CONFIG_IPSEC_NAT_TRAVERSAL
116 +#ifndef UDP_ESPINUDP
117 +#define UDP_ESPINUDP 100
120 + tp->esp_in_udp = val;
124 + err = -ENOPROTOOPT;
132 struct proto udp_prot = {
135 connect: udp_connect,
136 disconnect: udp_disconnect,
138 - setsockopt: ip_setsockopt,
139 + setsockopt: udp_setsockopt,
140 getsockopt: ip_getsockopt,
141 sendmsg: udp_sendmsg,
142 recvmsg: udp_recvmsg,