From owner-freebsd-net@FreeBSD.ORG  Thu May 31 07:23:09 2007
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
X-Original-To: freebsd-net@freebsd.org
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 5918316A421
	for <freebsd-net@freebsd.org>; Thu, 31 May 2007 07:23:09 +0000 (UTC)
	(envelope-from vanhu@zeninc.net)
Received: from smtp.zeninc.net (reverse-25.fdn.fr [80.67.176.25])
	by mx1.freebsd.org (Postfix) with ESMTP id 1CACA13C43E
	for <freebsd-net@freebsd.org>; Thu, 31 May 2007 07:23:06 +0000 (UTC)
	(envelope-from vanhu@zeninc.net)
Received: by smtp.zeninc.net (smtpd, from userid 1000)
	id 2C2B53F6D; Thu, 31 May 2007 09:23:05 +0200 (CEST)
Date: Thu, 31 May 2007 09:23:05 +0200
From: VANHULLEBUS Yvan <vanhu_bsd@zeninc.net>
To: freebsd-net@freebsd.org
Message-ID: <20070531072304.GA28098@zen.inc>
References: <053120070319.25073.465E3EB3000078F2000061F122007348309709090E999C@comcast.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <053120070319.25073.465E3EB3000078F2000061F122007348309709090E999C@comcast.net>
User-Agent: All mail clients suck. This one just sucks less.
Subject: Re: Applying NAT-T patch
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 31 May 2007 07:23:09 -0000

On Thu, May 31, 2007 at 03:19:15AM +0000, swaggy@comcast.net wrote:

Hi.

> According to the following thread, one must do more then just apply the NAT-T
> patch and rebuild the kernel:
> http://lists.freebsd.org/pipermail/freebsd-net/2006-September/011855.html
> 
> What other steps are necessary to apply the patch to a 6.x system? Can I get
> away without re-building/re-installing world?

rebuilding/reinstalling  world may be very interesting as some system
programs uses some structs which size are changed by the patch.
But you can skip this part if you are *absolutely* sure to NEVER use
such programs (system's setkey and a few other ones I don't remember).

reinstalling /usr/include headers is necessary to export the correct
versions of some headers (net/pfkeyv2.h, some stuff in udp headers,
etc...).

rebuilding ipsec-tools port is necessary when your headers have been
exported, to let the port's configure detect that your system now have
NAT-T support.


Yvan.

-- 
NETASQ
http://www.netasq.com