From owner-freebsd-security  Mon Aug  5  7:23:48 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 3DC9437B405
	for <freebsd-security@FreeBSD.ORG>; Mon,  5 Aug 2002 07:23:44 -0700 (PDT)
Received: from cage.simianscience.com (cage.simianscience.com [64.7.134.1])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 5925543E6A
	for <freebsd-security@FreeBSD.ORG>; Mon,  5 Aug 2002 07:23:43 -0700 (PDT)
	(envelope-from mike@sentex.net)
Received: from house.sentex.net (fcage [192.168.0.2])
	by cage.simianscience.com (8.12.5/8.12.5) with ESMTP id g75ENg6A005952;
	Mon, 5 Aug 2002 10:23:42 -0400 (EDT)
	(envelope-from mike@sentex.net)
Message-Id: <5.1.0.14.0.20020805102513.07c350b8@192.168.0.12>
X-Sender: mdtancsa@192.168.0.12
X-Mailer: QUALCOMM Windows Eudora Version 5.1
Date: Mon, 05 Aug 2002 10:26:07 -0400
To: Eric Masson <e-masson@kisoft-services.com>
From: Mike Tancsa <mike@sentex.net>
Subject: Re: esp tunnel without gif(4) [Was Re: vpn1/fw1 NG to
  ipsec/racoon troubles, help please ...]
Cc: freebsd-security@FreeBSD.ORG
In-Reply-To: <86wur5o0r4.fsf@notbsdems.nantes.kisoft-services.com>
References: <20020802172729.GA6880@blossom.cjclark.org>
 <sd455602.090@aus-gwia.aus.dcnhs.org>
 <20020730074813.GF89241@blossom.cjclark.org>
 <86znw5r9h3.fsf_-_@notbsdems.nantes.kisoft-services.com>
 <86k7n9qv08.fsf@notbsdems.nantes.kisoft-services.com>
 <20020802172729.GA6880@blossom.cjclark.org>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
X-Virus-Scanned: amavis-20020220
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

At 04:09 PM 8/5/2002 +0200, Eric Masson wrote:
>  Crist> It's not the same as the regular routing table and will not show
>  Crist> up in 'netstat -rn.'
>
>It would be nice to have netstat -r show these routes with a new flag
>(like T for example), tunnelled end address as destination, tunneled
>origin address as gateway, and interface bound to tunnel origin address
>as netif.
>
>Does this look interesting or is this plain dumb ?

Something like this would make things much more clear IMHO.

         ---Mike

--------------------------------------------------------------------
Mike Tancsa,                          	          tel +1 519 651 3400
Sentex Communications,     			  mike@sentex.net
Providing Internet since 1994                    www.sentex.net
Cambridge, Ontario Canada			  www.sentex.net/mike


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message