aboutsummaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/pluto/kernel.c18
1 files changed, 18 insertions, 0 deletions
diff --git a/src/pluto/kernel.c b/src/pluto/kernel.c
index 36bf37f7c..2ab9306dd 100644
--- a/src/pluto/kernel.c
+++ b/src/pluto/kernel.c
@@ -294,6 +294,8 @@ static bool do_command(connection_t *c, struct spd_route *sr, struct state *st,
peerclientnet_str[ADDRTOT_BUF],
peerclientmask_str[ADDRTOT_BUF],
peerca_str[BUF_LEN],
+ mark_in[BUF_LEN] = "",
+ mark_out[BUF_LEN] = "",
udp_encap[BUF_LEN] = "",
xauth_id_str[BUF_LEN] = "",
secure_myid_str[BUF_LEN] = "",
@@ -327,6 +329,18 @@ static bool do_command(connection_t *c, struct spd_route *sr, struct state *st,
strncat(srcip_str, "' ", sizeof(srcip_str));
}
+ if (sr->mark_in.value)
+ {
+ snprintf(mark_in, sizeof(mark_in), "PLUTO_MARK_IN='%u/0x%08x' ",
+ sr->mark_in.value, sr->mark_in.mask);
+ }
+
+ if (sr->mark_out.value)
+ {
+ snprintf(mark_out, sizeof(mark_out), "PLUTO_MARK_OUT='%u/0x%08x' ",
+ sr->mark_out.value, sr->mark_out.mask);
+ }
+
if (st && (st->nat_traversal & NAT_T_DETECTED))
{
snprintf(udp_encap, sizeof(udp_encap), "PLUTO_UDP_ENC='%u' ",
@@ -410,6 +424,8 @@ static bool do_command(connection_t *c, struct spd_route *sr, struct state *st,
"PLUTO_PEER_CA='%s' "
"%s" /* optional PLUTO_MY_SRCIP */
"%s" /* optional PLUTO_XAUTH_ID */
+ "%s" /* optional PLUTO_MARK_IN */
+ "%s" /* optional PLUTO_MARK_OUT */
"%s" /* optional PLUTO_UDP_ENC */
"%s" /* actual script */
, verb, verb_suffix
@@ -435,6 +451,8 @@ static bool do_command(connection_t *c, struct spd_route *sr, struct state *st,
, secure_peerca_str
, srcip_str
, xauth_id_str
+ , mark_in
+ , mark_out
, udp_encap
, sr->this.updown == NULL? DEFAULT_UPDOWN : sr->this.updown))
{
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-20 23:42:28 +0000