From owner-freebsd-ipfw@FreeBSD.ORG  Sun Jul  6 23:46:28 2003
Return-Path: <owner-freebsd-ipfw@FreeBSD.ORG>
Delivered-To: freebsd-ipfw@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id F141E37B401
	for <freebsd-ipfw@FreeBSD.org>; Sun,  6 Jul 2003 23:46:27 -0700 (PDT)
Received: from xorpc.icir.org (xorpc.icir.org [192.150.187.68])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 7CB7843F3F
	for <freebsd-ipfw@FreeBSD.org>; Sun,  6 Jul 2003 23:46:27 -0700 (PDT)
	(envelope-from rizzo@xorpc.icir.org)
Received: from xorpc.icir.org (localhost [127.0.0.1])
	by xorpc.icir.org (8.12.8p1/8.12.3) with ESMTP id h676kRkN045438;
	Sun, 6 Jul 2003 23:46:27 -0700 (PDT)
	(envelope-from rizzo@xorpc.icir.org)
Received: (from rizzo@localhost)
	by xorpc.icir.org (8.12.8p1/8.12.3/Submit) id h676kOBI045437;
	Sun, 6 Jul 2003 23:46:24 -0700 (PDT)
	(envelope-from rizzo)
Date: Sun, 6 Jul 2003 23:46:24 -0700
From: Luigi Rizzo <luigi@FreeBSD.org>
To: Michael Sierchio <kudzu@tenebras.com>
Message-ID: <20030706234624.A45394@xorpc.icir.org>
References: <200307070113.h671DPeG082710@freefall.freebsd.org>
	<3F08DABB.2020509@tenebras.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5.1i
In-Reply-To: <3F08DABB.2020509@tenebras.com>;
	from kudzu@tenebras.com on Sun, Jul 06, 2003 at 07:28:11PM -0700
cc: freebsd-ipfw@FreeBSD.org
cc: ari.suutari@syncrontech.com
Subject: Re: kern/53624: patches for ipfw2 to support ipsec packet filtering
X-BeenThere: freebsd-ipfw@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: IPFW Technical Discussions <freebsd-ipfw.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
	<mailto:freebsd-ipfw-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ipfw>
List-Post: <mailto:freebsd-ipfw@freebsd.org>
List-Help: <mailto:freebsd-ipfw-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
	<mailto:freebsd-ipfw-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 07 Jul 2003 06:46:28 -0000

On Sun, Jul 06, 2003 at 07:28:11PM -0700, Michael Sierchio wrote:
> Luigi Rizzo wrote:
> > Synopsis: patches for ipfw2 to support ipsec packet filtering
> > 
> > State-Changed-From-To: open->closed
> > State-Changed-By: luigi
> > State-Changed-When: Sun Jul 6 18:13:14 PDT 2003
> > State-Changed-Why: 
> > committed, thanks
> 
> 
> Question: How does this interact with Sam Leffler's FAST_IPSEC ?

i believe it works in the way you mention.

	luigi

> That is, may we instead of
> 
> 	options IPFIREWALL
> 	options IPSEC
> 	options IPSEC_ESP
> 	options IPSEC_FILTERGIF
> 
> do this
> 	options IPFIREWALL
> 	options FAST_IPSEC
> 	options IPSEC_FILTERGIF
> ?
> 
>