Date: Mon, 27 Oct 2003 14:19:16 -0800 From: "Crist J. Clark" <cristjc@comcast.net> To: Bill Swingle <unfurl@dub.net> Cc: "G. Panula" <greg.panula@lexisnexis.com> Subject: Re: IPSec VPNs: to gif or not to gif Message-ID: <20031027221916.GA46461@blossom.cjclark.org> In-Reply-To: <20031026165222.GA31223@dub.net> References: <u0qcpv0csl3lb1p6a8aioe7qjqjtvd6th9@4ax.com> <3F97BA17.8050403@lexisnexis.com> <20031026165222.GA31223@dub.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Oct 26, 2003 at 08:52:22AM -0800, Bill Swingle wrote: > On Thu, Oct 23, 2003 at 06:23:03AM -0500, G. Panula wrote: > > Current behavior is encrypted packet is handled by ipfw once, then after > > decryption it is only handled by ipfw(again) if it passes thru an > > interface didn't arrive on. > > Does this apply to ipfilter as well? Yes. -- Crist J. Clark | cjclark@alum.mit.edu | cjclark@jhu.edu http://people.freebsd.org/~cjc/ | cjc@freebsd.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20031027221916.GA46461>