Date: Fri, 25 Sep 2015 10:42:48 -0300 From: "Dr. Rolf Jansen" <rj@obsigna.com> To: freebsd-net@freebsd.org Subject: Clearance of checksum flags when decapsulating ESP packets Message-ID: <C5FB2A27-8FFE-4209-B2C2-53C0C8AD10B0@obsigna.com>
next in thread | raw e-mail | index | archive | help
Please, may I ask about the rationale behind the lines 1557 to 1562 in = function udp4_espdecap() of file src/sys/netinet/udp_usrreq.c on = FreeBSD 10.2-RELEASE-p3. =E2=80=A6 /* * We cannot yet update the cksums so clear any * h/w cksum flags as they are no longer valid. */ if (m->m_pkthdr.csum_flags & CSUM_DATA_VALID) m->m_pkthdr.csum_flags &=3D = ~(CSUM_DATA_VALID|CSUM_PSEUDO_HDR); =E2=80=A6 I am specially interested in learning about possibly adverse effects on = operating an IPsec and IPsec-NAT-T enabled kernel when leaving the = checksum flags in place, i.e. removing the above lines from the file = src/sys/netinet/udp_usrreq.c. Many thanks in advance for any enlightment. Best regards Rolf Jansen
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?C5FB2A27-8FFE-4209-B2C2-53C0C8AD10B0>