(c) Dmitry Ponyatov <[email protected]> 2020 All rights reserved
github: https://github.com/ponyatov/IPsecRepack/
There is IPSEC encrypted channel. Traffic contains big UDP packets that must be fragmented before transmitting. By default, Linux encrypts packets and then performs fragmentation of the encrypted packet. So we get fragmented ESP packets on output. Equipment on the other channel side does not understand fragmented ESP packets.
- Create kernel module (kernel v3.10) that fragments packets before encryption to get all ESP packets are not fragmented.
- Allow to enable/disable from user-space using
/sys
or/proc
FS
powered with [metaL](https://github.com/ponyatov/metaLgen)