From owner-freebsd-net@FreeBSD.ORG Thu May 31 16:33:34 2007 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id DE6F316A41F for ; Thu, 31 May 2007 16:33:34 +0000 (UTC) (envelope-from mgrooms@shrew.net) Received: from shrew.net (206-223-169-85.beanfield.net [206.223.169.85]) by mx1.freebsd.org (Postfix) with ESMTP id B514813C468 for ; Thu, 31 May 2007 16:33:34 +0000 (UTC) (envelope-from mgrooms@shrew.net) Received: from localhost (206-223-169-82.beanfield.net [206.223.169.82]) by shrew.net (Postfix) with ESMTP id 2751D79E204 for ; Thu, 31 May 2007 11:33:35 -0500 (CDT) Received: from shrew.net ([206.223.169.85]) by localhost (mx1.hub.org [206.223.169.82]) (amavisd-new, port 10024) with ESMTP id 30436-08 for ; Thu, 31 May 2007 16:33:34 +0000 (UTC) Received: from hole.shrew.net (cpe-66-25-136-5.austin.res.rr.com [66.25.136.5]) by shrew.net (Postfix) with ESMTP id 921AF79E203 for ; Thu, 31 May 2007 11:33:34 -0500 (CDT) Received: from hole.shrew.net (localhost.shrew.net [127.0.0.1]) by hole.shrew.net (8.13.8/8.13.6) with ESMTP id l4V9bUVe014709 for ; Thu, 31 May 2007 09:37:31 GMT (envelope-from mgrooms@shrew.net) Received: (from www@localhost) by hole.shrew.net (8.13.8/8.13.6/Submit) id l4V9bUm4014708; Thu, 31 May 2007 09:37:30 GMT (envelope-from mgrooms@shrew.net) Date: Thu, 31 May 2007 09:37:30 GMT Message-Id: <200705310937.l4V9bUm4014708@hole.shrew.net> X-Authentication-Warning: hole.shrew.net: www set sender to mgrooms@shrew.net using -f To: freebsd-net@freebsd.org Received: from 24.155.185.195 (auth. user mgrooms@hole.shrew.net) by webmail.shrew.net with HTTP; Thu, 31 May 2007 04:37:30 -0500 X-IlohaMail-Blah: mgrooms@hole.shrew.net X-IlohaMail-Method: mail() [mem] X-IlohaMail-Dummy: moo X-Mailer: IlohaMail/0.8.12 (On: webmail.shrew.net) In-Reply-To: <200705310924.l4V9Oc33014634@hole.shrew.net> From: "Matthew Grooms" Bounce-To: "Matthew Grooms" Errors-To: "Matthew Grooms" MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Subject: Re: Applying NAT-T patch X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 31 May 2007 16:33:35 -0000 >On Thu, May 31, 2007 at 08:52:03AM +0000, Bjoern A. Zeeb wrote: >> On Thu, 31 May 2007, VANHULLEBUS Yvan wrote: >[...] >> >> Maybe you could start addressing the things I posted last September? >> http://lists.freebsd.org/pipermail/freebsd-net/2006-September/011807.html > >You're right: I was sure that this patch had been reported to >"official" NAT-T patch, but it hasn't been yet, I appologize for >that. > > >While re-reading it, I remember now that I wanted to check again the >minlen computation. > >The rest of the patch is ok and will be included today. > Does that mean that only a single issue mentioned by Bjoern has not been addressed in the latest version of the patch set? What about the setkey program? Does it need to be patched to read security associations that use natt extensions? Perhaps the ipsec tools version can be imported to replace the stock freebsd version? I really hope this makes into head before the 7 branch. Thanks, -Matthew