From owner-freebsd-bugs@FreeBSD.ORG Sat Apr 10 01:20:23 2004 Return-Path: Delivered-To: freebsd-bugs@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2B62816A4CE for ; Sat, 10 Apr 2004 01:20:23 -0700 (PDT) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1004743D39 for ; Sat, 10 Apr 2004 01:20:23 -0700 (PDT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) i3A8KMbv002625 for ; Sat, 10 Apr 2004 01:20:22 -0700 (PDT) (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.12.10/8.12.10/Submit) id i3A8KM5q002624; Sat, 10 Apr 2004 01:20:22 -0700 (PDT) (envelope-from gnats) Date: Sat, 10 Apr 2004 01:20:22 -0700 (PDT) Message-Id: <200404100820.i3A8KM5q002624@freefall.freebsd.org> To: freebsd-bugs@FreeBSD.org From: Joachim Schueth Subject: Re: kern/57760: IPsec policy on inbound trafic is not enforced(allows spoofing) X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Joachim Schueth List-Id: Bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 10 Apr 2004 08:20:23 -0000 The following reply was made to PR kern/57760; it has been noted by GNATS. From: Joachim Schueth To: freebsd-gnats-submit@FreeBSD.org, dl2kcd@darc.de Cc: Subject: Re: kern/57760: IPsec policy on inbound trafic is not enforced (allows spoofing) Date: Sat, 10 Apr 2004 10:09:53 +0200 I did some further testing. The results are: - The problem still persists in FreeBSD-4.9-RELEASE-p4. - The problem does NOT occur when IPv6 support is included. To reproduce the problem, you have to comment out or remove the line "options INET6" in the kernel config. Joachim Schueth