From owner-freebsd-net@FreeBSD.ORG Wed Sep 13 13:13:52 2006 Return-Path: X-Original-To: freebsd-net@FreeBSD.org Delivered-To: freebsd-net@FreeBSD.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A3C6716A5D0 for ; Wed, 13 Sep 2006 13:13:52 +0000 (UTC) (envelope-from vanhu@zeninc.net) Received: from leia.fdn.fr (ns0.fdn.org [80.67.169.12]) by mx1.FreeBSD.org (Postfix) with ESMTP id 13FBB43D4C for ; Wed, 13 Sep 2006 13:13:51 +0000 (GMT) (envelope-from vanhu@zeninc.net) Received: from smtp.zeninc.net (reverse-25.fdn.fr [80.67.176.25]) by leia.fdn.fr (8.13.3/8.13.3/FDN) with ESMTP id k8DDDnYQ016499 for ; Wed, 13 Sep 2006 15:13:50 +0200 Received: by smtp.zeninc.net (smtpd, from userid 1000) id 92F0D3F17; Wed, 13 Sep 2006 15:13:43 +0200 (CEST) Date: Wed, 13 Sep 2006 15:13:43 +0200 From: VANHULLEBUS Yvan To: freebsd-net@FreeBSD.org Message-ID: <20060913131343.GA19069@zen.inc> References: <20060905022120.19c6d62d.nork@FreeBSD.org> <20060904172700.W44392@maildrop.int.zabbadoz.net> <20060904175127.F44392@maildrop.int.zabbadoz.net> <20060906070135.GA1003@jayce.zen.inc> <20060909203147.219ae160.nork@FreeBSD.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20060909203147.219ae160.nork@FreeBSD.org> User-Agent: All mail clients suck. This one just sucks less. Cc: Subject: Re: Where is IPSec NAT-T support? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 13 Sep 2006 13:13:52 -0000 On Sat, Sep 09, 2006 at 08:31:47PM +0900, Norikatsu Shigemura wrote: > On Wed, 6 Sep 2006 09:01:35 +0200 [NAT-T patches] > > - The public patch (A) works for IPSEC, and should apply on both > > RELENG_6 and RELENG_6_1 (some minor patching issues may need to be > > solved by hand, but it's just some indentation changes in the source > > code between the two versions). > > - This public patch does NOT provide support for multiple peers behind > > the same NAT device. > > - I have a newer version of the patch (B), against RELENG_6_1, which > > provides such support for multiples peers behind the same NAT > > device. I was about to put it in public place when someone raised a > > discutable implementation choice in the way ipsec-tools and kernel > > exchange some datas specific to that NAT-T support (I ported it from > > Manu's work on NetBSD). > > How to get the patch(B)? I'm interesting new version of the patch. I just updated the public patch, it should be available on ipsec-tools website in a few hours (it replaces the old one, same address, MD5 sum is 81d535363981b5e84be77cbf26918ccc). [....] > I'm interesting FAST_IPSEC support:-). if Larry or someone else have quickly some time to do it, please let me know. If no one else port that (it shouldn't be too difficult, but takes some time), I'll do it "ASAP"..... Yvan. -- NETASQ http://www.netasq.com