Date: Mon, 21 Aug 2006 20:45:54 +0400 From: "Andrew Pantyukhin" <infofarmer@FreeBSD.org> To: "Jeremie Le Hen" <jeremie@le-hen.org> Cc: remko@freebsd.org, thompsa@freebsd.org, net@freebsd.org Subject: Re: [fbsd] Re: Routing IPSEC packets? Message-ID: <cb5206420608210945q2c6659f8oa52644727510dd18@mail.gmail.com> In-Reply-To: <20060821162830.GA58048@obiwan.tataz.chchile.org> References: <44E58E9E.1030401@FreeBSD.org> <44E5F19E.9070600@isi.edu> <cb5206420608181236h34c0b85fwffc93bdd6c6979f4@mail.gmail.com> <44E619F7.7030300@isi.edu> <cb5206420608181258w3c845f93w589525e4c7293816@mail.gmail.com> <20060821162830.GA58048@obiwan.tataz.chchile.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 8/21/06, Jeremie Le Hen <jeremie@le-hen.org> wrote: > As is has indeed already been stated in this thread, IPSec tunnel mode > shunts the routing table. However the new enc(4) interface that Andrew > Thompson has imported from OpenBSD allows to filter IPSec traffic in a > more natural way. My understanding is that "options IPSEC_FILTERGIF" already forces decoded packets to show up on the interface: http://lists.freebsd.org/pipermail/freebsd-bugs/2005-December/016074.html
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?cb5206420608210945q2c6659f8oa52644727510dd18>