aboutsummaryrefslogtreecommitdiffstats
path: root/src/libcharon/plugins/updown
diff options
context:
space:
mode:
authorAndreas Steffen <andreas.steffen@strongswan.org>2010-07-17 13:27:19 +0200
committerAndreas Steffen <andreas.steffen@strongswan.org>2010-07-17 13:27:19 +0200
commitae0e3b03b73ff873b63227b6d7c1ba2465de425c (patch)
tree52bc1011d3d8b42624e1909f6f222ca6663ef817 /src/libcharon/plugins/updown
parent34e93c0280795d7ab1f7538178cc6250bf19e44c (diff)
downloadstrongswan-ae0e3b03b73ff873b63227b6d7c1ba2465de425c.tar.bz2
strongswan-ae0e3b03b73ff873b63227b6d7c1ba2465de425c.tar.xz
in a ESP_IN_UDP situation make UDP port available in the updown script
Diffstat (limited to 'src/libcharon/plugins/updown')
-rw-r--r--src/libcharon/plugins/updown/updown_listener.c24
1 files changed, 23 insertions, 1 deletions
diff --git a/src/libcharon/plugins/updown/updown_listener.c b/src/libcharon/plugins/updown/updown_listener.c
index 391a39363..ea4a792c2 100644
--- a/src/libcharon/plugins/updown/updown_listener.c
+++ b/src/libcharon/plugins/updown/updown_listener.c
@@ -115,7 +115,7 @@ METHOD(listener_t, child_updown, bool,
{
char command[1024];
char *my_client, *other_client, *my_client_mask, *other_client_mask;
- char *pos, *virtual_ip, *iface, *mark_in, *mark_out;
+ char *pos, *virtual_ip, *iface, *mark_in, *mark_out, *udp_enc;
mark_t mark;
bool is_host, is_ipv6;
FILE *shell;
@@ -197,6 +197,25 @@ METHOD(listener_t, child_updown, bool,
}
}
+ /* check for a NAT condition causing ESP_IN_UDP encapsulation */
+ if (ike_sa->has_condition(ike_sa, COND_NAT_ANY))
+ {
+ if (asprintf(&udp_enc, "PLUTO_UDP_ENC='%u' ",
+ other->get_port(other)) < 0)
+ {
+ udp_enc = NULL;
+ }
+
+ }
+ else
+ {
+ if (asprintf(&udp_enc, "") < 0)
+ {
+ udp_enc = NULL;
+ }
+
+ }
+
if (up)
{
iface = charon->kernel_interface->get_interface(
@@ -244,6 +263,7 @@ METHOD(listener_t, child_updown, bool,
"%s"
"%s"
"%s"
+ "%s"
"%s",
up ? "up" : "down",
is_host ? "-host" : "-client",
@@ -264,6 +284,7 @@ METHOD(listener_t, child_updown, bool,
virtual_ip,
mark_in,
mark_out,
+ udp_enc,
config->get_hostaccess(config) ? "PLUTO_HOST_ACCESS='1' " : "",
script);
free(my_client);
@@ -271,6 +292,7 @@ METHOD(listener_t, child_updown, bool,
free(virtual_ip);
free(mark_in);
free(mark_out);
+ free(udp_enc);
free(iface);
DBG3(DBG_CHD, "running updown script: %s", command);
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-16 03:04:19 +0000