Date: Thu, 22 Mar 2001 04:18:00 +0900 From: itojun@iijlab.net To: Mike Harding <mvh@ix.netcom.com>, freebsd-security@freebsd.org Subject: Re: IPSEC/VPN/NAT and filtering Message-ID: <10688.985202280@coconut.itojun.org> In-Reply-To: itojun's message of Thu, 22 Mar 2001 04:10:29 JST. <10518.985201829@coconut.itojun.org>
next in thread | previous in thread | raw e-mail | index | archive | help
> see latest NetBSD source code tree, and the following URL, on how > we handled it (now ipfilter looks at wire format packet only). i have > no environment/time to do the same on freebsd, but i can > say that the foundations are there in kame and netbsd tree. > (you can check if the packet went throught ip sec on inbound, > by using ipsec_gethist()) > http://www.netbsd.org/Documentation/network/ipsec/#ipf-interaction i'm not sure what should be done for stream came in from divert socket. itojun To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?10688.985202280>