Date: Thu, 31 May 2007 09:23:05 +0200 From: VANHULLEBUS Yvan <vanhu_bsd@zeninc.net> To: freebsd-net@freebsd.org Subject: Re: Applying NAT-T patch Message-ID: <20070531072304.GA28098@zen.inc> In-Reply-To: <053120070319.25073.465E3EB3000078F2000061F122007348309709090E999C@comcast.net> References: <053120070319.25073.465E3EB3000078F2000061F122007348309709090E999C@comcast.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, May 31, 2007 at 03:19:15AM +0000, swaggy@comcast.net wrote: Hi. > According to the following thread, one must do more then just apply the NAT-T > patch and rebuild the kernel: > http://lists.freebsd.org/pipermail/freebsd-net/2006-September/011855.html > > What other steps are necessary to apply the patch to a 6.x system? Can I get > away without re-building/re-installing world? rebuilding/reinstalling world may be very interesting as some system programs uses some structs which size are changed by the patch. But you can skip this part if you are *absolutely* sure to NEVER use such programs (system's setkey and a few other ones I don't remember). reinstalling /usr/include headers is necessary to export the correct versions of some headers (net/pfkeyv2.h, some stuff in udp headers, etc...). rebuilding ipsec-tools port is necessary when your headers have been exported, to let the port's configure detect that your system now have NAT-T support. Yvan. -- NETASQ http://www.netasq.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070531072304.GA28098>