[strongSwan-dev] nat port change detection
Martin Willi
martin at strongswan.org
Fri Apr 17 09:34:09 CEST 2015
Hi,
> router changes its source port on the UDP encap packet midway through a
> connection. I would like to look at this code to understand it a bit,
> but I am having trouble identifying the exact point for IKEv1 where
> this change is detected in the strongswan code.
The kernel backend fires a mapping() event on kernel_interface_t, which
is propagated to all registered kernel_listener_t. libcharons
kernel_handler_t is one of them, which raises an asynchronous
migrate_job_t.
That migrate job finds affected IKE_SAs and CHILD_SAs, tries to update
them. If updating CHILD_SAs is not supported using MOBIKE, it rekeys
them.
Regards
Martin
More information about the Dev
mailing list