Date: Tue, 01 Apr 2003 12:19:43 -0800 From: Michael Sierchio <kudzu@tenebras.com> To: Sam Leffler <sam@errno.com> Cc: Mailing List FreeBSD Network <freebsd-net@freebsd.org> Subject: Re: options FAST_IPSEC & tunnels Message-ID: <3E89F45F.1060506@tenebras.com> In-Reply-To: <05b901c2f881$67e907f0$52557f42@errno.com> References: <86pto6mbxj.fsf@notbsdems.interne.kisoft-services.com> <05b901c2f881$67e907f0$52557f42@errno.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Sam Leffler wrote: > Wow, someone besides me actually using fast ipsec! :) At least two of us, besides you... > > Packets are tagged once they've been processed on input. I think you can do > a similar check with something like: > > if (m_tag_find(PACKET_TAG_IPSEC_IN_DONE) != NULL) > goto pass; > > Long term, I intend is to associate packets with an enc device so there's a > way to identify these packets when writing firewall rules. That would be really helpful.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3E89F45F.1060506>