aboutsummaryrefslogtreecommitdiffstats
path: root/src/vnet/ipsec/ipsec_api.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/vnet/ipsec/ipsec_api.c')
-rw-r--r--src/vnet/ipsec/ipsec_api.c12
1 files changed, 9 insertions, 3 deletions
diff --git a/src/vnet/ipsec/ipsec_api.c b/src/vnet/ipsec/ipsec_api.c
index 4a55a29c288..ad2665a250c 100644
--- a/src/vnet/ipsec/ipsec_api.c
+++ b/src/vnet/ipsec/ipsec_api.c
@@ -374,7 +374,8 @@ static void vl_api_ipsec_sad_entry_add_del_t_handler
crypto_alg, &crypto_key,
integ_alg, &integ_key, flags,
0, mp->entry.salt, &tun_src, &tun_dst,
- &sa_index, IPSEC_UDP_PORT_NONE);
+ &sa_index, htons (mp->entry.udp_src_port),
+ htons (mp->entry.udp_dst_port));
else
rv = ipsec_sa_unlock_id (id);
@@ -665,7 +666,7 @@ vl_api_ipsec_tunnel_if_add_del_t_handler (vl_api_ipsec_tunnel_if_add_del_t *
(flags | IPSEC_SA_FLAG_IS_INBOUND),
ntohl (mp->tx_table_id),
mp->salt, &remote_ip, &local_ip, NULL,
- IPSEC_UDP_PORT_NONE);
+ IPSEC_UDP_PORT_NONE, IPSEC_UDP_PORT_NONE);
if (rv)
goto done;
@@ -680,7 +681,7 @@ vl_api_ipsec_tunnel_if_add_del_t_handler (vl_api_ipsec_tunnel_if_add_del_t *
flags,
ntohl (mp->tx_table_id),
mp->salt, &local_ip, &remote_ip, NULL,
- IPSEC_UDP_PORT_NONE);
+ IPSEC_UDP_PORT_NONE, IPSEC_UDP_PORT_NONE);
if (rv)
goto done;
@@ -816,6 +817,11 @@ send_ipsec_sa_details (ipsec_sa_t * sa, void *arg)
ip_address_encode (&sa->tunnel_dst_addr, IP46_TYPE_ANY,
&mp->entry.tunnel_dst);
}
+ if (ipsec_sa_is_set_UDP_ENCAP (sa))
+ {
+ mp->entry.udp_src_port = sa->udp_hdr.src_port;
+ mp->entry.udp_dst_port = sa->udp_hdr.dst_port;
+ }
mp->seq_outbound = clib_host_to_net_u64 (((u64) sa->seq));
mp->last_seq_inbound = clib_host_to_net_u64 (((u64) sa->last_seq));