ipsec: Fix IPsec decrypt_esp for NAT-Traversal

[ImanAfaneh293]

When having nat_header, encrypted.underlayer will return UDP/ESP, so when decrypting IPv6 packet, the decrypt packet will be return with nat_header (UDP), which will return a corrupted packet.

Example:

original packet:
IPv6/TCP/Raw
encrypted packet:
IPv6/UDP/ESP
Decrypted packet:
IPv6/UDP/TCP/Raw

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 81.56%. Comparing base (8461c2e) to head (39218a1).
Report is 11 commits behind head on master.

Additional details and impacted files

@@            Coverage Diff             @@
##           master    #4370      +/-   ##
==========================================
- Coverage   81.56%   81.56%   -0.01%     
==========================================
  Files         352      352              
  Lines       83897    83900       +3     
==========================================
- Hits        68431    68430       -1     
- Misses      15466    15470       +4     

Files	Coverage Δ
scapy/layers/ipsec.py	90.92% <100.00%> (+0.25%)	⬆️

... and 5 files with indirect coverage changes

[gpotter2]

Please provide a unit test as an example of what your PR fixes.

[gpotter2]

Thanks for the PR ! it looks good, but could you please add a unit test ?
Thanks

[ImanAfaneh293]

Thanks, sure will add a unit test

[ImanAfaneh293]

@gpotter2 could you please review
thanks in advance

[gpotter2]

Thanks. This test doesn't work though.

You should test it locally using

./run_tests -t scapy/layers/ipsec.uts -F

[ImanAfaneh293]

I tested it locally and the test passed

[ImanAfaneh293]

@gpotter2 could you please review
thanks in advance

[ImanAfaneh293]

@gpotter2 could you please review
thanks in advance