From owner-freebsd-stable  Tue Nov 26  6:21:34 2002
Delivered-To: freebsd-stable@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id CAD9237B401
	for <FreeBSD-stable@FreeBSD.ORG>; Tue, 26 Nov 2002 06:21:32 -0800 (PST)
Received: from musique.teaser.net (musique.teaser.net [213.91.2.11])
	by mx1.FreeBSD.org (Postfix) with ESMTP id C4D5B43EBE
	for <FreeBSD-stable@FreeBSD.ORG>; Tue, 26 Nov 2002 06:21:31 -0800 (PST)
	(envelope-from e-masson@kisoft-services.com)
Received: from notbsdems.nantes.kisoft-services.com (nantes.kisoft-services.com [193.56.60.243])
	by musique.teaser.net (Postfix) with ESMTP
	id 4FAA37258A; Tue, 26 Nov 2002 15:21:25 +0100 (CET)
Received: by notbsdems.nantes.kisoft-services.com (Postfix, from userid 1001)
	id D4BF95A2C8; Tue, 26 Nov 2002 15:21:11 +0100 (CET)
To: Ari Suutari <ari.suutari@syncrontech.com>
Cc: greg.panula@dolaninformation.com,
	David Kelly <dkelly@HiWAAY.net>, FreeBSD-stable@FreeBSD.ORG
Subject: Re: IPsec/gif VPN tunnel packets on wrong NIC in ipfw?
References: <200211142157.57459.dkelly@HiWAAY.net>
	<200211260837.02019.ari.suutari@syncrontech.com>
	<86n0nwr6jz.fsf@notbsdems.nantes.kisoft-services.com>
	<200211261237.41947.ari.suutari@syncrontech.com>
From: Eric Masson <e-masson@kisoft-services.com>
In-Reply-To: <200211261237.41947.ari.suutari@syncrontech.com> (Ari Suutari's
 message of "Tue, 26 Nov 2002 12:37:41 +0200")
X-Operating-System: FreeBSD 4.7-STABLE i386
Date: Tue, 26 Nov 2002 15:21:11 +0100
Message-ID: <86isykpg2w.fsf@notbsdems.nantes.kisoft-services.com>
User-Agent: Gnus/5.090008 (Oort Gnus v0.08) XEmacs/21.4 (Common Lisp,
 i386--freebsd)
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit
Sender: owner-freebsd-stable@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-stable.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-stable>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-stable>
X-Loop: FreeBSD.ORG

>>>>> "Ari" == Ari Suutari <ari.suutari@syncrontech.com> writes:

Hello,

 Ari> 	Would be better for my purposes than gif. Hopefully someone
 Ari> implements something like this.

Good news.

 Ari> Another approach could be to add new keyword to ipfw which would
 Ari> match only packets that came from tunnel

Will the esp implementation take care of ipfilter as well ?

Eric Masson

-- 
 DM> J'arrive seulement sur ce groupe de discussion .Que faut il faire ?
 Rien, il n'y a absolument rien d'autres à faire que taper son message en
 répondant au groupe, ou pourquoi pas un nouveau message. Rien d'autres
 -+- E in Guide du Neuneu Usenet - Mais où ce qu'il est-il donc ? -+-

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message