From owner-freebsd-net@FreeBSD.ORG  Tue Apr 28 16:15:38 2009
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id D5A7F106564A;
	Tue, 28 Apr 2009 16:15:38 +0000 (UTC)
	(envelope-from sullrich@gmail.com)
Received: from mail-bw0-f165.google.com (mail-bw0-f165.google.com
	[209.85.218.165])
	by mx1.freebsd.org (Postfix) with ESMTP id 2C5528FC08;
	Tue, 28 Apr 2009 16:15:37 +0000 (UTC)
	(envelope-from sullrich@gmail.com)
Received: by bwz9 with SMTP id 9so635849bwz.43
	for <multiple recipients>; Tue, 28 Apr 2009 09:15:37 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
	h=domainkey-signature:mime-version:received:in-reply-to:references
	:from:date:message-id:subject:to:cc:content-type
	:content-transfer-encoding;
	bh=R0r/NbQjei7lXmiP23NjN81+cEWHFlUl332/VP4Pr/k=;
	b=oxBo7+ASajE4LxOKJ12GAr7hMI0A8/GT7V+kdvU74PWoMJvnAnMRdlqMPc3wWcRAoA
	3gcm/Qy/4p9c9kxTvP+SnPFC8opSpcMg+/dakh51C527SRrmoOfQIsl/e+giaL0EnqdW
	gVpzObCA1uPPztnQyUZWaHN6ZHBeAysjkBOtM=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma;
	h=mime-version:in-reply-to:references:from:date:message-id:subject:to
	:cc:content-type:content-transfer-encoding;
	b=S2muwVZuy9G0NrDSIy8PskHt2zTBD3xAjjhAoeY94YQjkVf5Qyp3VWTitDy/rHwWTs
	51jbyzafn/liAVaFos2smWNn9oIRmluMQgZhugeVwmJ3+7YJlzvaPGJtQNEjWBGHDTG+
	lSaGKxXJs5XTvXH+2X6QyXpGgj7sQosOlRQjY=
MIME-Version: 1.0
Received: by 10.103.241.15 with SMTP id t15mr4018213mur.85.1240935336151; Tue, 
	28 Apr 2009 09:15:36 -0700 (PDT)
In-Reply-To: <20090428120751.GA68471@zeninc.net>
References: <49F6D598.6040503@zirakzigil.org>
	<20090428120751.GA68471@zeninc.net>
From: Scott Ullrich <sullrich@gmail.com>
Date: Tue, 28 Apr 2009 12:15:16 -0400
Message-ID: <d5992baf0904280915m1fa07b0aq59fefa872a2d0d4e@mail.gmail.com>
To: VANHULLEBUS Yvan <vanhu@freebsd.org>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Cc: freebsd-net@freebsd.org, Giulio Ferro <auryn@zirakzigil.org>
Subject: Re: IPSEC NAT traversal
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 28 Apr 2009 16:15:39 -0000

On Tue, Apr 28, 2009 at 8:07 AM, VANHULLEBUS Yvan <vanhu@freebsd.org> wrote:
> See recent archives, there is actually an issue with the patchset, as
> there are no more available bits in struct inp's flags.
> We're working on that to find and implement the best solution.

Hi,

Ermal Luci recently whipped the pfSense's NATT patch into shape:
http://cvs.pfsense.com/~sullrich/NATT.RELENG_8.diff

I am not sure if this is how Yvan wants to solve it for the long term
but it does seem to work OK for the short term until the patch is
brought up to speed.

Scott