examples/ipsec-secgw: fix cmp_sa_key bug
Checks
Commit Message
From: supeng <supeng@cmss.chinamobile.com>
Inbound direction, sad_lookup function will call cmp_sa_key to compare packet outer ip info with local sa. Local sa src ip should equal packet dst ip, Local sa dst ip should equal src ip.
---
examples/ipsec-secgw/sad.h | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
Comments
Hello,
On Wed, Nov 22, 2023 at 9:18 AM supeng2087 <supeng2087@aliyun.com> wrote:
>
> From: supeng <supeng@cmss.chinamobile.com>
>
> Inbound direction, sad_lookup function will call cmp_sa_key to compare packet outer ip info with local sa. Local sa src ip should equal packet dst ip, Local sa dst ip should equal src ip.
No need to send 5 mails for the same patch.
All 5 were blocked, waiting in the moderation queue because you did
not register to the dev@ mailing list.
In the future, and before sending new revisions, please have a look at:
https://doc.dpdk.org/guides/contributing/patches.html
Thanks.
@@ -33,12 +33,12 @@ cmp_sa_key(struct ipsec_sa *sa, int is_v4, struct rte_ipv4_hdr *ipv4,
if ((sa_type == TRANSPORT) ||
/* IPv4 check */
(is_v4 && (sa_type == IP4_TUNNEL) &&
- (sa->src.ip.ip4 == ipv4->src_addr) &&
- (sa->dst.ip.ip4 == ipv4->dst_addr)) ||
+ (sa->src.ip.ip4 == ipv4->dst_addr) &&
+ (sa->dst.ip.ip4 == ipv4->src_addr)) ||
/* IPv6 check */
(!is_v4 && (sa_type == IP6_TUNNEL) &&
- (!memcmp(sa->src.ip.ip6.ip6, ipv6->src_addr, 16)) &&
- (!memcmp(sa->dst.ip.ip6.ip6, ipv6->dst_addr, 16))))
+ (!memcmp(sa->src.ip.ip6.ip6, ipv6->dst_addr, 16)) &&
+ (!memcmp(sa->dst.ip.ip6.ip6, ipv6->src_addr, 16))))
return 1;
return 0;