FAST_IPSEC NAT-T support
Bjoern A. Zeeb
bzeeb-lists at lists.zabbadoz.net
Mon Sep 18 10:45:22 PDT 2006
On Mon, 18 Sep 2006, VANHULLEBUS Yvan wrote:
> On Mon, Sep 18, 2006 at 03:04:04PM +0000, Bjoern A. Zeeb wrote:
>> On Mon, 18 Sep 2006, VANHULLEBUS Yvan wrote:
>>
>>> By default in FreeBSd's port, NAT-T support is enabled if support is
>>> detected on the system (checks for some structs in
>>> include/net/pfkeyv2.h).
>>>
>>> Can you compile again ipsec-tools port, but not clean it, and check in
>>> config.h if you have NAT-T support enabled.
>>
>> What I had found in the past is that the port (more exactly
>> ipsec-tools) does not complain if configure is run with
>> --enable-natt but the correct header files are no there. It silently
>> continues and just disables natt support.
>> That beahvior would be fine for "autodetect" but not for a command
>> line option that says "I want natt support and you give me".
>
> By default, I have set the value of port's configuration to "kernel",
> which is exactly "use it if supported".
could you change that in the port to "yes" then. If NATT is enabled
the build must fail else the choice in make config does not make any
sense - does it?
--
Bjoern A. Zeeb bzeeb at Zabbadoz dot NeT
More information about the freebsd-net
mailing list