Date: Mon, 27 Oct 2003 14:19:16 -0800 From: "Crist J. Clark" <cristjc@comcast.net> To: Bill Swingle <unfurl@dub.net> Cc: "G. Panula" <greg.panula@lexisnexis.com> Subject: Re: IPSec VPNs: to gif or not to gif Message-ID: <20031027221916.GA46461@blossom.cjclark.org> In-Reply-To: <20031026165222.GA31223@dub.net> References: <u0qcpv0csl3lb1p6a8aioe7qjqjtvd6th9@4ax.com> <3F97BA17.8050403@lexisnexis.com> <20031026165222.GA31223@dub.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Oct 26, 2003 at 08:52:22AM -0800, Bill Swingle wrote:
> On Thu, Oct 23, 2003 at 06:23:03AM -0500, G. Panula wrote:
> > Current behavior is encrypted packet is handled by ipfw once, then after
> > decryption it is only handled by ipfw(again) if it passes thru an
> > interface didn't arrive on.
>
> Does this apply to ipfilter as well?
Yes.
--
Crist J. Clark | cjclark@alum.mit.edu
| cjclark@jhu.edu
http://people.freebsd.org/~cjc/ | cjc@freebsd.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20031027221916.GA46461>