From owner-cvs-all@FreeBSD.ORG  Sun Aug  5 16:16:16 2007
Return-Path: <owner-cvs-all@FreeBSD.ORG>
Delivered-To: cvs-all@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 35EAE16A418;
	Sun,  5 Aug 2007 16:16:16 +0000 (UTC) (envelope-from bz@FreeBSD.org)
Received: from repoman.freebsd.org (repoman.freebsd.org
	[IPv6:2001:4f8:fff6::29])
	by mx1.freebsd.org (Postfix) with ESMTP id 32EF213C45A;
	Sun,  5 Aug 2007 16:16:16 +0000 (UTC) (envelope-from bz@FreeBSD.org)
Received: from repoman.freebsd.org (localhost [127.0.0.1])
	by repoman.freebsd.org (8.14.1/8.14.1) with ESMTP id l75GGGb3018243;
	Sun, 5 Aug 2007 16:16:16 GMT (envelope-from bz@repoman.freebsd.org)
Received: (from bz@localhost)
	by repoman.freebsd.org (8.14.1/8.14.1/Submit) id l75GGGe4018242;
	Sun, 5 Aug 2007 16:16:16 GMT (envelope-from bz)
Message-Id: <200708051616.l75GGGe4018242@repoman.freebsd.org>
From: "Bjoern A. Zeeb" <bz@FreeBSD.org>
Date: Sun, 5 Aug 2007 16:16:16 +0000 (UTC)
To: src-committers@FreeBSD.org, cvs-src@FreeBSD.org, cvs-all@FreeBSD.org
X-FreeBSD-CVS-Branch: HEAD
Cc: 
Subject: cvs commit: src/sbin/ipfw ipfw.8 src/share/man/man4 ipsec.4
 src/sys/conf NOTES options src/sys/netinet ip_input.c ip_ipsec.c
 ip_ipsec.h src/sys/netinet6 ip6_ipsec.c ip6_ipsec.h
X-BeenThere: cvs-all@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: CVS commit messages for the entire tree <cvs-all.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-all>,
	<mailto:cvs-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/cvs-all>
List-Post: <mailto:cvs-all@freebsd.org>
List-Help: <mailto:cvs-all-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-all>,
	<mailto:cvs-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 05 Aug 2007 16:16:16 -0000

bz          2007-08-05 16:16:15 UTC

  FreeBSD src repository

  Modified files:
    sbin/ipfw            ipfw.8 
    share/man/man4       ipsec.4 
    sys/conf             NOTES options 
    sys/netinet          ip_input.c ip_ipsec.c ip_ipsec.h 
    sys/netinet6         ip6_ipsec.c ip6_ipsec.h 
  Log:
  Rename option IPSEC_FILTERGIF to IPSEC_FILTERTUNNEL.
  Also rename the related functions in a similar way.
  There are no functional changes.
  
  For a packet coming in with IPsec tunnel mode, the default is
  to only call into the firewall with the "outer" IP header and
  payload.
  
  With this option turned on, in addition to the "outer" parts,
  the "inner" IP header and payload are passed to the
  firewall too when going through ip_input() the second time.
  
  The option was never only related to a gif(4) tunnel within
  an IPsec tunnel and thus the name was very misleading.
  
  Discussed at:                   BSDCan 2007
  Best new name suggested by:     rwatson
  Reviewed by:                    rwatson
  Approved by:                    re (bmah)
  
  Revision  Changes    Path
  1.203     +2 -2      src/sbin/ipfw/ipfw.8
  1.22      +3 -3      src/share/man/man4/ipsec.4
  1.1448    +4 -4      src/sys/conf/NOTES
  1.604     +1 -1      src/sys/conf/options
  1.331     +1 -1      src/sys/netinet/ip_input.c
  1.7       +3 -3      src/sys/netinet/ip_ipsec.c
  1.2       +1 -1      src/sys/netinet/ip_ipsec.h
  1.6       +3 -3      src/sys/netinet6/ip6_ipsec.c
  1.2       +1 -1      src/sys/netinet6/ip6_ipsec.h