On Sun, 17 Aug 2003 17:50:19 +1000
Herbert Xu <herbert@gondor.apana.org.au> wrote:

> On Sat, Aug 16, 2003 at 10:39:56PM -0700, David S. Miller wrote:
> > First of all, you cannot mangle the packet contents.
> > Other taps might be looking at the original copy,
> > ie. we might have a clone.
>
> But this is xfrm_rcv_encap where we're doing all sorts of nasty
> things to the packet including decrypting/decompressing it.

Such transformations will copy/unshare the skb as needed.

But if only tunneling is being applied, none of that copying or unsharing will be done, because it's simply unneeded. And in such a case you are about to mangle an SKB being looked at by tcpdump.

Also, tunneled AH will not have the packet unshared either. The packet is not modified when we decap AH so we don't need to do anything fancy for it. (this isn't 100% true, but it is the eventual intention)

Only ESP and compression need to truly mangle the packet.
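The clone hazard discussed in this message, as an added userspace C model that is not part of the original mail and is not kernel code. `pkt_clone` and `pkt_make_writable` are hypothetical stand-ins for the roles `skb_clone()` and `skb_unshare()` play in the kernel, and the packet bytes are constructed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Model: a packet header pointing at refcounted data, like an skb and its
 * clones sharing one data area. All names here are hypothetical. */
struct pkt_data { int users; size_t len; unsigned char bytes[64]; };
struct pkt { struct pkt_data *data; };

static struct pkt *pkt_new(const unsigned char *src, size_t len) {
    struct pkt *p = malloc(sizeof(*p));
    struct pkt_data *d = calloc(1, sizeof(*d));
    if (!p || !d || len > sizeof(d->bytes)) { free(p); free(d); return NULL; }
    d->users = 1; d->len = len; memcpy(d->bytes, src, len);
    p->data = d;
    return p;
}
/* What a tap receives: a new header over the same data. */
static struct pkt *pkt_clone(struct pkt *p) {
    struct pkt *c = malloc(sizeof(*c));
    if (!c) return NULL;
    c->data = p->data; c->data->users++;
    return c;
}
/* Call before any in-place write: take a private copy if data is shared. */
static int pkt_make_writable(struct pkt *p) {
    if (p->data->users == 1) return 0;      /* sole owner, nothing to do */
    struct pkt_data *d = malloc(sizeof(*d));
    if (!d) return -1;
    memcpy(d, p->data, sizeof(*d));
    d->users = 1;
    p->data->users--;                       /* drop our ref on shared data */
    p->data = d;
    return 0;
}
static void pkt_free(struct pkt *p) {
    if (--p->data->users == 0) free(p->data);
    free(p);
}
/* A decap step that rewrites byte 0; returns what the tap's clone then sees. */
static unsigned char tap_view_after_decap(int unshare_first) {
    static const unsigned char outer[] = { 0x45, 0x00, 0x00, 0x54 }; /* constructed */
    struct pkt *rx = pkt_new(outer, sizeof(outer));
    struct pkt *tap = rx ? pkt_clone(rx) : NULL;
    if (!rx || !tap) abort();
    if (unshare_first && pkt_make_writable(rx) != 0) abort();
    rx->data->bytes[0] = 0x00;              /* the in-place "mangle" */
    unsigned char seen = tap->data->bytes[0];
    pkt_free(tap); pkt_free(rx);
    return seen;
}
int main(void) {
    printf("tap sees 0x%02x without unshare, 0x%02x with unshare\n",
           tap_view_after_decap(0), tap_view_after_decap(1));
    return 0;
}
```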