beenull/moby
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge pull request #45638 from corhere/backport-23.0/libn/fix-encrypted-overlay-nonstandard-port

Browse source 
[23.0 backport] libnetwork/d/overlay: support encryption on any port
This commit is contained in:
Sebastiaan van Stijn 2023-05-27 00:44:51 +02:00 committed by GitHub
commit 57cc620aa0
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
libnetwork/drivers/overlay/encryption.go
View file

@ -400,8 +400,8 @@ func programSP(fSA *netlink.XfrmState, rSA *netlink.XfrmState, add bool) error {
Src: &net.IPNet{IP: s, Mask: fullMask},
Dst: &net.IPNet{IP: d, Mask: fullMask},
Dir: netlink.XFRM_DIR_OUT,
Proto: 17,
DstPort: 4789,
Proto: syscall.IPPROTO_UDP,
DstPort: int(overlayutils.VXLANUDPPort()),
Mark: &spMark,
Tmpls: []netlink.XfrmPolicyTmpl{
{
@ -614,8 +614,8 @@ func updateNodeKey(lIP, aIP, rIP net.IP, idxs []*spi, curKeys []*key, newIdx, pr
Src: &net.IPNet{IP: s, Mask: fullMask},
Dst: &net.IPNet{IP: d, Mask: fullMask},
Dir: netlink.XFRM_DIR_OUT,
Proto: 17,
DstPort: 4789,
Proto: syscall.IPPROTO_UDP,
DstPort: int(overlayutils.VXLANUDPPort()),
Mark: &spMark,
Tmpls: []netlink.XfrmPolicyTmpl{
{