Date: Mon, 26 Jun 2006 09:10:09 -0400 From: Tom Rhodes <trhodes@FreeBSD.org> To: Giorgos Keramidas <keramida@FreeBSD.org> Cc: doc-committers@FreeBSD.org, cvs-doc@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: doc/en_US.ISO8859-1/books/handbook/security chapter.sgml Message-ID: <20060626091009.457e14a6.trhodes@FreeBSD.org> In-Reply-To: <200606261306.k5QD6MxK069792@repoman.freebsd.org> References: <200606261306.k5QD6MxK069792@repoman.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 26 Jun 2006 13:06:22 +0000 (UTC) Giorgos Keramidas <keramida@FreeBSD.org> wrote: > keramida 2006-06-26 13:06:22 UTC > > FreeBSD doc repository > > Modified files: > en_US.ISO8859-1/books/handbook/security chapter.sgml > Log: > When IPSEC is configured according to the Handbook[1], pf fails > to track connection state properly, because it does not see > packets coming from the tunneled interface to gif(4). Rebuilding > with IPSEC_FILTERGIF fixes the problem. > > According to mlaier@ we cannot change GENERIC for this, but it's > ok to document the requirement for IPSEC_FILTERGIF. Add a note > to this effect. Not to disagree with Max, but I always looked through NOTES for information. Perhaps a note could be added there? -- Tom Rhodes
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060626091009.457e14a6.trhodes>