From owner-freebsd-stable@freebsd.org Wed Jul 15 04:44:58 2015 Return-Path: Delivered-To: freebsd-stable@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 68FFC99C24B for ; Wed, 15 Jul 2015 04:44:58 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:1900:2254:206c::16:87]) by mx1.freebsd.org (Postfix) with ESMTP id 575FB1B81; Wed, 15 Jul 2015 04:44:58 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from FreeBSD.org (freefall.freebsd.org [IPv6:2001:1900:2254:206c::16:87]) by freefall.freebsd.org (Postfix) with ESMTP id C6ED41C96; Wed, 15 Jul 2015 04:44:57 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Date: Wed, 15 Jul 2015 04:44:55 +0000 From: Glen Barber To: "Eugene M. Zheganin" Cc: FreeBSD-STABLE Mailing List Subject: Re: ipsec broken again Message-ID: <20150715044455.GY15828@FreeBSD.org> References: <55A5E49D.1060000@norma.perm.ru> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="x0PBmTWHB3bjoOVh" Content-Disposition: inline In-Reply-To: <55A5E49D.1060000@norma.perm.ru> X-Operating-System: FreeBSD 11.0-CURRENT amd64 X-SCUD-Definition: Sudden Completely Unexpected Dataloss X-SULE-Definition: Sudden Unexpected Learning Event X-PEKBAC-Definition: Problem Exists, Keyboard Between Admin/Computer User-Agent: Mutt/1.5.23 (2014-03-12) X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 15 Jul 2015 04:44:58 -0000 --x0PBmTWHB3bjoOVh Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Jul 15, 2015 at 09:42:05AM +0500, Eugene M. Zheganin wrote: > As soon as I upgraded one of my ipsec routers to recent stable > (10.2-BETA1 #0 r285524) it stopped working as a security gateway. Ipsec > traffic is passed out and receiving in, SA are in place, but nothing > happens upon receipt (I run gre over ipsec, so gre interface doesn't see > any incoming packets). Last revision I have with ipsec working (probably > not the last in general) was r282461. Could please someone look into this= ? >=20 Please file a PR so this does not get lost. Add re@ to the CC list, as well. Glen --x0PBmTWHB3bjoOVh Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJVpeVHAAoJEAMUWKVHj+KTZjIP/1LlrMsZOcvZ8+grwS5G5FOo mPxh91NpDZhc0oV33lz0IGa03YXGuXQR1wyK7JZ4W1Eoc/fSbRlC8OXhXnKX7z6W vy9XngL+Blxg907i27jL9tllEtuOvnWg3roSM0bxXjaj8lIMaEBADaQ9g6sd7Usw 0fpw8PVZ9cVZnIdg0u76/sS0927L0wxMZduVkEamUNg67YiDg5xIx+zTLiqPkorq KbbKaNqR/mVilotWF1ZBIJ6FZK9QoP64QVHKlWkdLofMwrblrUglHbCbvS7/V6bU 0UXSkS/dJH75/6dZbZGQ2m2lrqAFMlrfL7FgM3u8KzkERVDTwNDX2yQzZ/7Maayw OUJJiTQs1rA0EEH1pJ3dNU2p8OgRfW95H8P1DrZWkeSz15ZCeeYvj45nAuZh7dBD 8xs8EFlUmM1/aUR+OuGxV9IJXT8FumAghA4kJdPl1La49ymRkG+nBXy1IbY0ONa9 SJRTO267Vf9tWXPS8XLFc9FFkbTlp3X4Yx4Um8/Nw1/iu1r8c5Tj23s2juCA2MKQ +eV3mqoGhHFrHvWN2vEc7KmxNUXAtTCEQipTY0P9zU/nKzmOC6Si4gQwmFBrRm9o xFVNBdbvVzTr98Kwyez2TWrHchM3VrF09PFGtOTx5L9i6g8C1mog+fjjEf3FAoox vRb9K9c/GMY4Byzkpiqn =r2Xe -----END PGP SIGNATURE----- --x0PBmTWHB3bjoOVh--