aboutsummaryrefslogtreecommitdiffstats
path: root/src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c')
-rw-r--r--src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c11
1 files changed, 8 insertions, 3 deletions
diff --git a/src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c b/src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c
index 2e8d54e38..8352b9311 100644
--- a/src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c
+++ b/src/libhydra/plugins/kernel_netlink/kernel_netlink_ipsec.c
@@ -777,7 +777,7 @@ static traffic_selector_t* selector2ts(struct xfrm_selector *sel, bool src)
prefixlen = sel->prefixlen_s;
if (sel->sport_mask)
{
- port = htons(sel->sport);
+ port = ntohs(sel->sport);
}
}
else
@@ -786,10 +786,15 @@ static traffic_selector_t* selector2ts(struct xfrm_selector *sel, bool src)
prefixlen = sel->prefixlen_d;
if (sel->dport_mask)
{
- port = htons(sel->dport);
+ port = ntohs(sel->dport);
}
}
-
+ if (sel->proto == IPPROTO_ICMP || sel->proto == IPPROTO_ICMPV6)
+ { /* convert ICMP[v6] message type and code as supplied by the kernel in
+ * source and destination ports (both in network order) */
+ port = (sel->sport >> 8) | (sel->dport & 0xff00);
+ port = ntohs(port);
+ }
/* The Linux 2.6 kernel does not set the selector's family field,
* so as a kludge we additionally test the prefix length.
*/
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-21 04:42:05 +0000