IPSec VPNs: to gif or not to gif
Crist J. Clark
cristjc at comcast.net
Mon Oct 27 14:19:27 PST 2003
On Sun, Oct 26, 2003 at 08:52:22AM -0800, Bill Swingle wrote:
> On Thu, Oct 23, 2003 at 06:23:03AM -0500, G. Panula wrote:
> > Current behavior is encrypted packet is handled by ipfw once, then after
> > decryption it is only handled by ipfw(again) if it passes thru an
> > interface didn't arrive on.
>
> Does this apply to ipfilter as well?
Yes.
--
Crist J. Clark | cjclark at alum.mit.edu
| cjclark at jhu.edu
http://people.freebsd.org/~cjc/ | cjc at freebsd.org
More information about the freebsd-security
mailing list