summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--security/ipsec-tools/Makefile2
-rw-r--r--security/ipsec-tools/files/natt.diff6
2 files changed, 5 insertions, 3 deletions
diff --git a/security/ipsec-tools/Makefile b/security/ipsec-tools/Makefile
index 4223855ea4d8..e16034a691f8 100644
--- a/security/ipsec-tools/Makefile
+++ b/security/ipsec-tools/Makefile
@@ -8,7 +8,7 @@
PORTNAME= ipsec-tools
PORTVERSION= 0.8.2
-PORTREVISION= 7
+PORTREVISION= 8
CATEGORIES= security
MASTER_SITES= SF
diff --git a/security/ipsec-tools/files/natt.diff b/security/ipsec-tools/files/natt.diff
index 0b1c0c26938f..ff0daa44475c 100644
--- a/security/ipsec-tools/files/natt.diff
+++ b/security/ipsec-tools/files/natt.diff
@@ -82,12 +82,14 @@
return pfkey_send_add2(&psaa);
--- src/racoon/isakmp_quick.c
+++ src/racoon/isakmp_quick.c
-@@ -2390,6 +2390,32 @@ get_proposal_r(iph2)
+@@ -2390,6 +2390,34 @@
spidx.src.ss_family, spidx.dst.ss_family,
_XIDT(iph2->id_p),idi2type);
}
+#ifdef ENABLE_NATT
-+ if (iph2->ph1->natt_flags & NAT_DETECTED_PEER) {
++ if (iph2->ph1->natt_flags & NAT_DETECTED_PEER
++ && _XIDT(iph2->id) != IPSECDOI_ID_IPV4_ADDR_SUBNET
++ && _XIDT(iph2->id) != IPSECDOI_ID_IPV6_ADDR_SUBNET) {
+ u_int16_t port;
+
+ port = extract_port(&spidx.src);
generated by cgit v1.2.3 (git 2.25.1) at 2025-12-08 13:18:59 +0000