From owner-freebsd-security Sun May 12 10:10:12 2002 Delivered-To: freebsd-security@freebsd.org Received: from dubb05h07-0.dplanet.ch (dubb05h07-0.dplanet.ch [212.35.36.31]) by hub.freebsd.org (Postfix) with ESMTP id 8133637B407 for ; Sun, 12 May 2002 10:10:08 -0700 (PDT) Received: (from luser@localhost) by dubb05h07-0.dplanet.ch (8.11.6/8.11.6) id g4CHA0o11330; Sun, 12 May 2002 19:10:00 +0200 Date: Sun, 12 May 2002 19:10:00 +0200 Message-Id: <200205121710.g4CHA0o11330@dubb05h07-0.dplanet.ch> X-Authentication-Warning: dubb05h07-0.dplanet.ch: luser set sender to quak@mydiax.ch using -f Content-Type: text/plain; charset="iso-8859-1" Content-Disposition: inline Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-Mailer: MIME-tools 5.411 (Entity 5.404) From: quak@mydiax.ch To: freebsd-security@FreeBSD.org Subject: Re: Re: IPSEC: is ipcomp broken in 4.5-stable ? Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org >Hi, > > >You are welcome. I just committed the fix into 5-CURRENT. Since >4-STABLE is in code freeze, when approved by re, I'll do MFC it. Whoops, Hajimu=20 Transport compression works flawlessly, but tunnel mode seems to still be b= roken now, if I use: spdadd 192.168.2.0/24 192.168.1.0/24 any -P out ipsec ipcomp/tunnel/192.168= .20.1-192.168.10.1/require; spdadd 192.168.1.0/24 192.168.2.0/24 any -P in ipsec ipcomp/tunnel/192.168.= 10.1-192.168.20.1/require; (And mirror of this on another machine) transfers die again with similar symptoms, transfers hang at 34816, kernel = spits errors: ipcomp_decompress: inflate(Z_NO_FLUSH): invalid bit length repeat ipcomp_decompress: inflate(Z_NO_FLUSH): oversubscribed literal/length tree What is this ? :) Regards Kirill To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message