From owner-cvs-all@FreeBSD.ORG Mon Jun 26 13:19:49 2006 Return-Path: X-Original-To: cvs-all@FreeBSD.org Delivered-To: cvs-all@FreeBSD.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 47E4C16A409; Mon, 26 Jun 2006 13:19:49 +0000 (UTC) (envelope-from keramida@ceid.upatras.gr) Received: from igloo.linux.gr (igloo.linux.gr [62.1.205.36]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4E5C443DF9; Mon, 26 Jun 2006 13:18:04 +0000 (GMT) (envelope-from keramida@ceid.upatras.gr) Received: from gothmog.pc (host5.bedc.ondsl.gr [62.103.39.229]) (authenticated bits=128) by igloo.linux.gr (8.13.7/8.13.7/Debian-1) with ESMTP id k5QDHfUM014385 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Mon, 26 Jun 2006 16:17:45 +0300 Received: from gothmog.pc (gothmog [127.0.0.1]) by gothmog.pc (8.13.7/8.13.7) with ESMTP id k5QDHVhb085672; Mon, 26 Jun 2006 16:17:32 +0300 (EEST) (envelope-from keramida@ceid.upatras.gr) Received: (from giorgos@localhost) by gothmog.pc (8.13.7/8.13.7/Submit) id k5QDHU98085671; Mon, 26 Jun 2006 16:17:30 +0300 (EEST) (envelope-from keramida@ceid.upatras.gr) Date: Mon, 26 Jun 2006 16:17:30 +0300 From: Giorgos Keramidas To: Tom Rhodes Message-ID: <20060626131730.GA85302@gothmog.pc> References: <200606261306.k5QD6MxK069792@repoman.freebsd.org> <20060626091009.457e14a6.trhodes@FreeBSD.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20060626091009.457e14a6.trhodes@FreeBSD.org> X-Hellug-MailScanner: Found to be clean X-Hellug-MailScanner-SpamCheck: not spam, SpamAssassin (score=-3.456, required 5, autolearn=not spam, ALL_TRUSTED -1.80, AWL 0.94, BAYES_00 -2.60) X-Hellug-MailScanner-From: keramida@ceid.upatras.gr X-Spam-Status: No Cc: doc-committers@FreeBSD.org, cvs-doc@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: doc/en_US.ISO8859-1/books/handbook/security chapter.sgml X-BeenThere: cvs-all@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: CVS commit messages for the entire tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 26 Jun 2006 13:19:49 -0000 On 2006-06-26 09:10, Tom Rhodes wrote: > On Mon, 26 Jun 2006 13:06:22 +0000 (UTC) > Giorgos Keramidas wrote: > > keramida 2006-06-26 13:06:22 UTC > > > > FreeBSD doc repository > > > > Modified files: > > en_US.ISO8859-1/books/handbook/security chapter.sgml > > Log: > > When IPSEC is configured according to the Handbook[1], pf fails > > to track connection state properly, because it does not see > > packets coming from the tunneled interface to gif(4). Rebuilding > > with IPSEC_FILTERGIF fixes the problem. > > > > According to mlaier@ we cannot change GENERIC for this, but it's > > ok to document the requirement for IPSEC_FILTERGIF. Add a note > > to this effect. > > Not to disagree with Max, but I always looked through NOTES > for information. Perhaps a note could be added there? Sure. I see no problem with that. Comments are an extremely useful type of documentation too :)