Date: Tue, 01 Apr 2003 18:15:20 +0200 From: Eric Masson <e-masson@kisoft-services.com> To: Mailing List FreeBSD Network <freebsd-net@FreeBSD.org> Subject: options FAST_IPSEC & tunnels Message-ID: <86pto6mbxj.fsf@notbsdems.interne.kisoft-services.com>
next in thread | raw e-mail | index | archive | help
Hello I'm using IPSEC tunnels to join different gateways over the Internet. I've made some trials with FAST_IPSEC today (I've received a Soekris VPN1201) and i'm facing a problem with incoming packets. The following code snippet from /sys/netinet/ip_input.c permits detunneled packets to flow without being filtered by ipf/ipfw : #if defined(IPSEC) && !defined(IPSEC_FILTERGIF) /* * Bypass packet filtering for packets from a tunnel (gif). */ if (ipsec_gethist(m, NULL)) goto pass; #endif Is there any counterpart for FAST_IPSEC (I've dug thru the code, but no luck atm) ? Regards. Eric Masson -- je me suis créé un tas d'amis virtuels. Pourquoi cette sympathie? le flux peut-être magnétique que je dégage, vu que je guéris les brûlures par pression de mes mains sur les plaies et cloques. Et c'est vrai. -+- DD in <http://www.le-gnu.net>; C'est vrai je l'ai lu sur usenet -+-
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?86pto6mbxj.fsf>