IPSEC documentation
Brian Candler
B.Candler at pobox.com
Fri Jan 20 13:53:38 PST 2006
> On Thu, Dec 29, 2005 at 09:50:47AM +0300, Alexey Popov wrote:
> > If we would also have NAT-T support, FreeBSD would be the best choice
> > of VPN concentrator.
I just saw this patch posted on the ipsec-tools-devel list:
http://ipsec-tools.sf.net/freebsd6-natt.diff
It's for FreeBSD 6 but also seems to apply cleanly to 5.4, apart from one
file which I think needs this instead:
--- ./netinet/in_proto.c.orig Mon Mar 21 16:05:35 2005
+++ ./netinet/in_proto.c Fri Jan 20 21:41:59 2006
@@ -108,7 +108,7 @@
&nousrreqs
},
{ SOCK_DGRAM, &inetdomain, IPPROTO_UDP, PR_ATOMIC|PR_ADDR,
- udp_input, 0, udp_ctlinput, ip_ctloutput,
+ udp_input, 0, udp_ctlinput, udp_ctloutput,
0,
udp_init, 0, 0, 0,
&udp_usrreqs
Haven't tested it yet - just waiting for kernel to recompile :-)
Regards,
Brian.
More information about the freebsd-net
mailing list