From owner-cvs-all Tue Nov 6 14:45:38 2001 Delivered-To: cvs-all@freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id F1DB137B418; Tue, 6 Nov 2001 14:45:29 -0800 (PST) Received: (from ume@localhost) by freefall.freebsd.org (8.11.4/8.11.4) id fA6MjTr16358; Tue, 6 Nov 2001 14:45:29 -0800 (PST) (envelope-from ume) Message-Id: <200111062245.fA6MjTr16358@freefall.freebsd.org> From: Hajimu UMEMOTO Date: Tue, 6 Nov 2001 14:45:29 -0800 (PST) To: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: src/sys/netinet6 ipsec.c src/sys/netkey key.c X-FreeBSD-CVS-Branch: HEAD Sender: owner-cvs-all@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG ume 2001/11/06 14:45:29 PST Modified files: sys/netinet6 ipsec.c sys/netkey key.c Log: Fixed the behavior when there is no inbound policy for the ipsec tunneled packet. When there is no suitable inbound policy for the packet of the ipsec tunnel mode, the kernel never decapsulate the tunneled packet as the ipsec tunnel mode even when the system wide policy is "none". Then the kernel leaves the generic tunnel module to process this packet. If there is no rule of the generic tunnel, the packet is rejected and the statistics will be counted up. Obtained from: KAME MFC after: 1 week Revision Changes Path 1.14 +8 -0 src/sys/netinet6/ipsec.c 1.35 +0 -22 src/sys/netkey/key.c To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message