Commit b6114e84fc for strongswan.org

commit b6114e84fc0c9115f0f98ecd71456a6952f8788e
Author: Tobias Brunner <tobias@strongswan.org>
Date:   Mon Feb 7 14:35:39 2022 +0100

    child-sa: Enable ICMP forwarding on SA and policies if configured

diff --git a/src/libcharon/sa/child_sa.c b/src/libcharon/sa/child_sa.c
index 4676b05e3c..ed64535f00 100644
--- a/src/libcharon/sa/child_sa.c
+++ b/src/libcharon/sa/child_sa.c
@@ -1121,6 +1121,7 @@ static status_t install_internal(private_child_sa_t *this, chunk_t encr,
 		.copy_ecn = !this->config->has_option(this->config, OPT_NO_COPY_ECN),
 		.copy_dscp = this->config->get_copy_dscp(this->config),
 		.iptfs_dont_frag = this->iptfs_dont_frag,
+		.forward_icmp = this->config->has_option(this->config, OPT_FORWARD_ICMP),
 		.label = label_for(this, LABEL_USE_SA),
 		.initiator = initiator,
 		.inbound = inbound,
@@ -1295,6 +1296,7 @@ static status_t install_policies_outbound(private_child_sa_t *this,
 		.src = my_addr,
 		.dst = other_addr,
 		.pcpu_acquires = this->per_cpu,
+		.forward_icmp = this->config->has_option(this->config, OPT_FORWARD_ICMP),
 		.sa = other_sa,
 	};
 	uint32_t reqid = other_sa->reqid;
@@ -1409,6 +1411,7 @@ static void del_policies_outbound(private_child_sa_t *this,
 		.src = my_addr,
 		.dst = other_addr,
 		.pcpu_acquires = this->per_cpu,
+		.forward_icmp = this->config->has_option(this->config, OPT_FORWARD_ICMP),
 		.sa = other_sa,
 	};
 	uint32_t reqid = other_sa->reqid;