From owner-freebsd-net Fri Jan 3 1:46: 4 2003 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DFD4037B406 for ; Fri, 3 Jan 2003 01:46:02 -0800 (PST) Received: from n97.nomadiclab.com (teldanex.hiit.fi [212.68.5.99]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9869543EC5 for ; Fri, 3 Jan 2003 01:46:01 -0800 (PST) (envelope-from pekka.nikander@nomadiclab.com) Received: from nomadiclab.com (polle.local.nikander.com [192.168.0.193]) by n97.nomadiclab.com (Postfix) with ESMTP id 2B5D923; Fri, 3 Jan 2003 11:54:16 +0200 (EET) Message-ID: <3E155BB5.4000706@nomadiclab.com> Date: Fri, 03 Jan 2003 11:45:25 +0200 From: Pekka Nikander User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en-US; rv:1.3b) Gecko/20021230 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Brooks Davis Cc: freebsd-net@FreeBSD.ORG Subject: Re: IPsec / ipfw interaction in 4.7-STABLE: a proposed change References: <3E144753.7020905@nomadiclab.com> <86k7hnz4hp.fsf@notbsdems.nantes.kisoft-services.com> <20030102122941.A27618@Odin.AC.HMC.Edu> In-Reply-To: <20030102122941.A27618@Odin.AC.HMC.Edu> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Brooks Davis wrote: > loif[] is evil and its use should not be extended. In any case, NLOOP > no longer exists in current since loopback interfaces are clonable. If > you didn't want to adopt OpenBSD's enc interface, an alternate solution > might be to set up an ioctl to allow you to register the interface you > want to have these packets come from. OpenBSD enc sounds like the right choice, but I'm a bit worried about the amount of work involved in porting it. Handling incoming packets seems to be easy enough, but implementing the possibility of snooping outgoing packets may not be that easy... Now, out of curiosity, why do you consider loif[] evil? --Pekka Nikander To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message