options FAST_IPSEC & tunnels
Eric Masson
e-masson at kisoft-services.com
Tue Apr 1 08:15:34 PST 2003
Hello
I'm using IPSEC tunnels to join different gateways over the Internet.
I've made some trials with FAST_IPSEC today (I've received a Soekris
VPN1201) and i'm facing a problem with incoming packets.
The following code snippet from /sys/netinet/ip_input.c permits
detunneled packets to flow without being filtered by ipf/ipfw :
#if defined(IPSEC) && !defined(IPSEC_FILTERGIF)
/*
* Bypass packet filtering for packets from a tunnel (gif).
*/
if (ipsec_gethist(m, NULL))
goto pass;
#endif
Is there any counterpart for FAST_IPSEC (I've dug thru the code, but no
luck atm) ?
Regards.
Eric Masson
--
je me suis créé un tas d'amis virtuels. Pourquoi cette sympathie? le
flux peut-être magnétique que je dégage, vu que je guéris les brûlures
par pression de mes mains sur les plaies et cloques. Et c'est vrai.
-+- DD in <http://www.le-gnu.net> C'est vrai je l'ai lu sur usenet -+-
More information about the freebsd-net
mailing list