summaryrefslogtreecommitdiffstats
path: root/ipsec-tools/src/racoon/isakmp_quick.c
diff options
context:
space:
mode:
Diffstat (limited to 'ipsec-tools/src/racoon/isakmp_quick.c')
-rw-r--r--ipsec-tools/src/racoon/isakmp_quick.c26
1 files changed, 26 insertions, 0 deletions
diff --git a/ipsec-tools/src/racoon/isakmp_quick.c b/ipsec-tools/src/racoon/isakmp_quick.c
index fa957ebc..77d126dd 100644
--- a/ipsec-tools/src/racoon/isakmp_quick.c
+++ b/ipsec-tools/src/racoon/isakmp_quick.c
@@ -2390,6 +2390,32 @@ get_proposal_r(iph2)
spidx.src.ss_family, spidx.dst.ss_family,
_XIDT(iph2->id_p),idi2type);
}
+#ifdef ENABLE_NATT
+ if (iph2->ph1->natt_flags & NAT_DETECTED_PEER) {
+ u_int16_t port;
+
+ port = extract_port(&spidx.src);
+ memcpy(&spidx.src, iph2->ph1->remote,
+ sysdep_sa_len(iph2->ph1->remote));
+ set_port(&spidx.src, port);
+ switch (spidx.src.ss_family) {
+ case AF_INET:
+ spidx.prefs = sizeof(struct in_addr) << 3;
+ break;
+#ifdef INET6
+ case AF_INET6:
+ spidx.prefs = sizeof(struct in6_addr) << 3;
+ break;
+#endif
+ default:
+ spidx.prefs = 0;
+ break;
+ }
+ plog(LLV_DEBUG, LOCATION,
+ NULL, "use NAT address %s as src\n",
+ saddr2str((struct sockaddr *)&spidx.src));
+ }
+#endif
} else {
plog(LLV_DEBUG, LOCATION, NULL,
"get a source address of SP index from Phase 1"
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-05 13:49:50 +0000