From owner-freebsd-net@FreeBSD.ORG  Mon Jan 24 06:13:25 2011
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id E9D721065670
	for <freebsd-net@freebsd.org>; Mon, 24 Jan 2011 06:13:25 +0000 (UTC)
	(envelope-from alex@zagrebin.ru)
Received: from mail.zagrebin.ru (gw.zagrebin.ru [91.215.205.128])
	by mx1.freebsd.org (Postfix) with ESMTP id 92BDA8FC0C
	for <freebsd-net@freebsd.org>; Mon, 24 Jan 2011 06:13:24 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=zagrebin.ru;
	s=mail; 
	h=In-Reply-To:Content-Type:MIME-Version:References:Message-ID:Subject:Cc:To:From:Date;
	bh=H+MMucMdn1NG0rFTuBzSVuRGZjCfL0sveLoPKxDdXxs=; 
	b=ixknirvU5uAGiFVwEQMPcAAoVqMbI/OarA+5Grd6mp+D4R1HogqGoCP1jG9AvQJqomebTui0jSlNJzBGaF2xPgmv++Nue5+5BdN/jAggu/QEn/eEoatNPFx4edpPoiDH/K4GB2bRA+tAbCIBwbC+gMPOPzslM1xpaQ/OAPyW12Y=;
Received: from alex by mail.zagrebin.ru with local (Exim 4.73 (FreeBSD))
	(envelope-from <alex@zagrebin.ru>)
	id 1PhFg2-0007e9-H4; Mon, 24 Jan 2011 09:13:22 +0300
Date: Mon, 24 Jan 2011 09:13:22 +0300
From: Alexander Zagrebin <alex@zagrebin.ru>
To: "Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net>
Message-ID: <20110124061321.GA67220@gw.zagrebin.ru>
References: <20110123161137.A3489@maildrop.int.zabbadoz.net>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20110123161137.A3489@maildrop.int.zabbadoz.net>
User-Agent: Mutt/1.5.21 (2010-09-15)
Cc: freebsd-net@freebsd.org
Subject: Re: NAT-T/UDPENCAP patch from stable/7
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 24 Jan 2011 06:13:26 -0000

Hi!

On 23.01.2011 16:13:48 +0000, Bjoern A. Zeeb wrote:

> here is a version of the NAT-T/UDPENCAP patch as in 8 and 9 for
> today's stable/7 for anyone who might want/need it.  I would
> expect it will equally apply to 7.4-RELEASE once that happened.
> 
> http://people.freebsd.org/~bz/20110123-01-stable7-natt.diff
> 
> You will need to figure out the right version of ipsec-tools or other
> IKE clients yourself though.

Until now (at least on the 8.2-PRERELEASE) the setkey from the base
distribution doesn't dump the SAD entries (`setkey -D`) if NAT-T is used.
It reports: "Invalid extension type".

Will be this fixed?

-- 
Alexander Zagrebin