https://bugzilla.novell.com/show_bug.cgi?id=422918 User lchiquitto@novell.com added comment https://bugzilla.novell.com/show_bug.cgi?id=422918#c3 --- Comment #3 from Leonardo Chiquitto <lchiquitto@novell.com> 2008-09-29 17:34:19 MDT --- Bin, I'm almost sure that the culprit is our VPN Appliance. On PPC, the byte order conversion functions expand to nothing, as the network byte order equals the host byte order (big endian). Receiving the "wrong" port number means that the other side of the VPN (probably a x86, little endian) is sending it without proper conversion to network byte order. To connect to the Novell VPN, I'm using the following awful patch. Hope it doesn't hurt your eyes much :) Index: linux/net/key/af_key.c =================================================================== --- linux.orig/net/key/af_key.c +++ linux/net/key/af_key.c @@ -1238,11 +1238,17 @@ static struct xfrm_state * pfkey_msg2xfr struct sadb_x_nat_t_port* n_port = ext_hdrs[SADB_X_EXT_NAT_T_SPORT-1]; natt->encap_sport = n_port->sadb_x_nat_t_port_port; + + if (natt->encap_sport == 53767) + natt->encap_sport = 2002; } if (ext_hdrs[SADB_X_EXT_NAT_T_DPORT-1]) { struct sadb_x_nat_t_port* n_port = ext_hdrs[SADB_X_EXT_NAT_T_DPORT-1]; natt->encap_dport = n_port->sadb_x_nat_t_port_port; + + if (natt->encap_dport == 53767) + natt->encap_dport = 2002; } } Thanks, Leonardo -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.