Date: Mon, 21 Jul 2008 08:33:57 -0700 From: Sam Leffler <sam@freebsd.org> To: VANHULLEBUS Yvan <vanhu@freebsd.org> Cc: freebsd-net@freebsd.org Subject: Re: FreeBSD NAT-T patch integration [CFR/CFT] Message-ID: <4884AC65.7020605@freebsd.org> In-Reply-To: <20080721141327.GA24677@zen.inc> References: <20080630040103.94730.qmail@mailgate.gta.com> <486A45AB.2080609@freebsd.org> <487EC62A.3070301@freebsd.org> <20080721083110.GA21786@zen.inc> <20080721141327.GA24677@zen.inc>
next in thread | previous in thread | raw e-mail | index | archive | help
VANHULLEBUS Yvan wrote: > On Mon, Jul 21, 2008 at 10:31:10AM +0200, VANHULLEBUS Yvan wrote: > >> On Wed, Jul 16, 2008 at 09:10:18PM -0700, Sam Leffler wrote: >> [...] >> >>> Please test/review the following patch against HEAD: >>> >>> http://people.freebsd.org/~sam/nat_t-20080616.patch >>> >> I have tested the RELENG7 version of the patch, and it works well. >> >> >> But I noticed a misplaced #endif at the beginning of udp_ctloutput(), >> which will generate problems if INET6 is not defined: >> > [....] > > > After some more testing, I found another issue: in udp4_espdecap(), > when payload <= sizeof(uint64_t) + sizeof(struct esp), packet should > not be discarded, but just returned for normal processing. > Please edit the sam_nat_t branch in p4 or send a patch I can apply. > And I also have doubts about a change in udp_ctloutput(), in the > switch statement which process optval and searches for an > UDP_ENCAP_ESPINUDP* flag. > > The way you changed it forces a flags cleanup anytime. > I don't see why someone would set both UDP_ENCAP_ESPINUDP and > UDP_ENCAP_ESPINUDP_NON_IKE, but as I was tracking down a problem, I > changed it again to be processed "the old way" to ensure it was not > the source of the issue. > Sorry but I'm not clear on what you are saying. The code changed the behaviour of setting udp encapsulation so that only one of UDP_ENCAP_ESPINUDP and UDP_ENCAP_ESPINUDP_NON_IKE can be set a time. The original code from you permitted both flags to be set but the code that handled the encap/decap assumed only one was set. > Sam, did you have a good reason to change that part of the code, or > was it mostly to have a more compliant coding style ? > See above. > > Updated patches are available for HEAD, RELENG7 and RELENG63 (yeah :-) > here: > http://people.freebsd.org/~vanhu/NAT-T/ > > Please all notice that there is still the word "test" in patches > names..... > Sorry again I don't understand what you write. Sam > > > Yvan. > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > > >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4884AC65.7020605>