Date: Fri, 24 Oct 2003 12:40:11 +0100 From: Jim Hatfield <subscriber@insignia.com> To: freebsd-security@freebsd.org Subject: Re: IPSec VPNs: to gif or not to gif Message-ID: <ro3ipvs7flea92uqpi5g923ati2lrns975@4ax.com> In-Reply-To: <3203DF3DDE57D411AFF4009027B8C3674B4927@exchange-uk.isltd.insignia.com> References: <3203DF3DDE57D411AFF4009027B8C3674B4927@exchange-uk.isltd.insignia.com>
index | next in thread | previous in thread | raw e-mail
On Thu, 23 Oct 2003 12:23:03 +0100, in local.freebsd.security you wrote: >The issue was put to bed. >Reference: >http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet/ip_input.c?rev=1.2 >14&content-type=text/x-cvsweb-markup >http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet/ip_input.c?rev=1.1 >30.2.48&content-type=text/x-cvsweb-markup >http://docs.freebsd.org/cgi/getmsg.cgi?fetch=132950+0+/usr/local/www/db/ >text/2001/freebsd-security/20010325.freebsd-security > >Current behavior is encrypted packet is handled by ipfw once, then after > >decryption it is only handled by ipfw(again) if it passes thru an >interface didn't arrive on. Many thanks, that's very helpful. Jimhelp
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?ro3ipvs7flea92uqpi5g923ati2lrns975>