|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: IPSec VPNs: to gif or not to gif
From: Jim Hatfield (subscriber
insignia.com)
Date: Fri Oct 24 2003 - 06:40:11 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Thu, 23 Oct 2003 12:23:03 +0100, in local.freebsd.security you
wrote:
>The issue was put to bed.
>Reference:
>http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet/ip_input.c?rev=1.2
>14&content-type=text/x-cvsweb-markup
>http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet/ip_input.c?rev=1.1
>30.2.48&content-type=text/x-cvsweb-markup
>http://docs.freebsd.org/cgi/getmsg.cgi?fetch=132950+0+/usr/local/www/db/
>text/2001/freebsd-security/20010325.freebsd-security
>
>Current behavior is encrypted packet is handled by ipfw once, then after
>
>decryption it is only handled by ipfw(again) if it passes thru an
>interface didn't arrive on.
Many thanks, that's very helpful.
Jim
_______________________________________________
freebsd-securityfreebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribefreebsd.org"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]