From owner-freebsd-net@FreeBSD.ORG Sat Jan 10 10:25:07 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3FAC5106566B for ; Sat, 10 Jan 2009 10:25:07 +0000 (UTC) (envelope-from bzeeb-lists@lists.zabbadoz.net) Received: from mail.cksoft.de (mail.cksoft.de [62.111.66.27]) by mx1.freebsd.org (Postfix) with ESMTP id EA7D28FC12 for ; Sat, 10 Jan 2009 10:25:06 +0000 (UTC) (envelope-from bzeeb-lists@lists.zabbadoz.net) Received: from localhost (amavis.str.cksoft.de [192.168.74.71]) by mail.cksoft.de (Postfix) with ESMTP id 235DA41C670; Sat, 10 Jan 2009 11:25:06 +0100 (CET) X-Virus-Scanned: amavisd-new at cksoft.de Received: from mail.cksoft.de ([62.111.66.27]) by localhost (amavis.str.cksoft.de [192.168.74.71]) (amavisd-new, port 10024) with ESMTP id VkwgntZv2llL; Sat, 10 Jan 2009 11:25:05 +0100 (CET) Received: by mail.cksoft.de (Postfix, from userid 66) id BF12241C667; Sat, 10 Jan 2009 11:25:05 +0100 (CET) Received: from maildrop.int.zabbadoz.net (maildrop.int.zabbadoz.net [10.111.66.10]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.int.zabbadoz.net (Postfix) with ESMTP id 1A48C4448D5; Sat, 10 Jan 2009 10:24:08 +0000 (UTC) Date: Sat, 10 Jan 2009 10:24:07 +0000 (UTC) From: "Bjoern A. Zeeb" X-X-Sender: bz@maildrop.int.zabbadoz.net To: VANHULLEBUS Yvan In-Reply-To: <20090110100357.GB2718@zeninc.net> Message-ID: <20090110102213.Y45399@maildrop.int.zabbadoz.net> References: <49685F15.7080605@zirakzigil.org> <20090110100357.GB2718@zeninc.net> X-OpenPGP-Key: 0x14003F198FEFA3E77207EE8D2B58B8F83CCF1842 MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: freebsd-net@freebsd.org, Giulio Ferro Subject: Re: NATT patch on current X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 10 Jan 2009 10:25:07 -0000 On Sat, 10 Jan 2009, VANHULLEBUS Yvan wrote: Hi, > On Sat, Jan 10, 2009 at 09:40:53AM +0100, Giulio Ferro wrote: >> I just wanted to report that the nat-traversal patch on HEAD 2008-03-19 >> fails to apply cleanly. >> The problem is in the file ipsec.c lines 1847, 1870 >> >> Any news for the natt integration in CURRENT? > > Thanks for the report. > I'm currently working on cleaning the PFKey part of the patch > (available on Perforce if you're interested, and I hope our tests to > be ok in a few days, so I'll send kernel+userland patch for public > test/review), so I don't use anymore the public version of the patch > for TRUNK. > > I'll be mostly AFK for the next 2-3 days, but I'll try to find quickly > some time to update the public patch soon. There is more to the patch and current: it failes in in_pcb.h now as well -- there is a 0x2000 (or 0x1000) that is officially used now. I wondered if rrs' generic udp tunnel hack would apply to this as well but I haven't looked at the code yet. /bz -- Bjoern A. Zeeb The greatest risk is not taking one.