From owner-freebsd-security Sun Feb 10 13: 8: 2 2002 Delivered-To: freebsd-security@freebsd.org Received: from w2xo.pgh.pa.us (18.gibs5.xdsl.nauticom.net [209.195.184.19]) by hub.freebsd.org (Postfix) with ESMTP id A3C0137B6DD for ; Sun, 10 Feb 2002 13:02:46 -0800 (PST) Received: from there (dhcp14.int [192.168.5.14]) by w2xo.pgh.pa.us (8.11.6/8.11.3) with SMTP id g1AL1C504585 for ; Sun, 10 Feb 2002 21:01:12 GMT (envelope-from durham@jcdurham.com) Message-Id: <200202102101.g1AL1C504585@w2xo.pgh.pa.us> Content-Type: text/plain; charset="iso-8859-1" From: Jim Durham Reply-To: durham@jcdurham.com To: freebsd-security@freebsd.org Subject: IPSEC and gif interface after 4.4 Date: Sun, 10 Feb 2002 16:01:00 -0500 X-Mailer: KMail [version 1.3] MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I pass this along to save someone else some head-banging like I did. I missed this in the 4.4 release notes: "Network device cloning has been implemented, and the gif(4) device has been modified to take advantage of it. Thus, instead of specifying how many gif(4) interfaces are available in kernel configuration files, ifconfig(8)'s create option should be used when another device instance is desired." IPSEC uses a gif interface. I couldn't imagine why it wasn't there on my 4.4 systems. 'ifconfig gif0 create' makes it happen. Duh... -Jim To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message