Fwd: How flowi4 variable fl->u.ip4.fl4_gre_key variable updates in kernel code for GRE
Harsh Jain
harshjain.prof at gmail.com
Wed Jun 3 12:13:58 EDT 2015
Hi All,
In which function kernel fills the GRE key value in
"fl->u.ip4.fl4_gre_key" struct flowi4.I am trying to apply IPSEC
encrytion policy based on GRE key in packet.
The function "xfrm_flowi_sport" prints uli->gre_key = 0 for GRE packets.
Is it a bug in kernel code?.
Regards
Harsh Jain
---------- Forwarded message ----------
From: Harsh Jain <harshjain.prof at gmail.com>
Date: Mon, Jun 1, 2015 at 1:57 AM
Subject: Packet encryption based on gre key value with ip xfrm command
To: Kernelnewbies <kernelnewbies at kernelnewbies.org>
Hi,
I am trying to encrypt Gre packet have specific key values in GRE
header with following command
ip xfrm policy add src 192.168.1.9 dst 192.168.1.5 proto gre key 3 dir
in tmpl src 192.168.1.9 dst 192.168.1.5 proto esp reqid 16387 mode
transport
But it is not working. If I remove the "key 3" from above system
encrypt all GRE packets.
I tried with kernel version 3.18 and iproute2 version.2.4.
I got iproute2 patch file having changes to support filtering based
on keys but didn't find corresponding kernel patch.
How to encrypt Packets based on GRE key value.?
Regards
Harsh Jain
More information about the Kernelnewbies
mailing list