cvs commit: src/sbin/ipfw ipfw.8 src/share/man/man4 ipsec.4
src/sys/conf NOTES options src/sys/netinet ip_input.c ip_ipsec.c
ip_ipsec.h src/sys/netinet6 ip6_ipsec.c ip6_ipsec.h
Bjoern A. Zeeb
bz at FreeBSD.org
Sun Aug 5 09:16:16 PDT 2007
bz 2007-08-05 16:16:15 UTC
FreeBSD src repository
Modified files:
sbin/ipfw ipfw.8
share/man/man4 ipsec.4
sys/conf NOTES options
sys/netinet ip_input.c ip_ipsec.c ip_ipsec.h
sys/netinet6 ip6_ipsec.c ip6_ipsec.h
Log:
Rename option IPSEC_FILTERGIF to IPSEC_FILTERTUNNEL.
Also rename the related functions in a similar way.
There are no functional changes.
For a packet coming in with IPsec tunnel mode, the default is
to only call into the firewall with the "outer" IP header and
payload.
With this option turned on, in addition to the "outer" parts,
the "inner" IP header and payload are passed to the
firewall too when going through ip_input() the second time.
The option was never only related to a gif(4) tunnel within
an IPsec tunnel and thus the name was very misleading.
Discussed at: BSDCan 2007
Best new name suggested by: rwatson
Reviewed by: rwatson
Approved by: re (bmah)
Revision Changes Path
1.203 +2 -2 src/sbin/ipfw/ipfw.8
1.22 +3 -3 src/share/man/man4/ipsec.4
1.1448 +4 -4 src/sys/conf/NOTES
1.604 +1 -1 src/sys/conf/options
1.331 +1 -1 src/sys/netinet/ip_input.c
1.7 +3 -3 src/sys/netinet/ip_ipsec.c
1.2 +1 -1 src/sys/netinet/ip_ipsec.h
1.6 +3 -3 src/sys/netinet6/ip6_ipsec.c
1.2 +1 -1 src/sys/netinet6/ip6_ipsec.h
More information about the cvs-src
mailing list