CVSROOT: /cvs Module name: src Changes by: bl...@cvs.openbsd.org 2024/05/16 07:01:04
Modified files: sys/netinet : ip_output.c Log message: Fix IPsec in use with IP forwarding 2 logic. If sysctl net.inet.ip.forwarding is 2, only packets processed by IPsec are forwarded. Variable ipsec_in_use is a shortcut to avoid IPsec processing if no policy has been configured. With ipsec_in_use unset and ipforwarding set to IPsec only, the packet must be dropped. OK claudio@