On Tue, 2014-02-25 at 23:24 +0100, Georgios Amanakis wrote:
> > Index: netipsec/xform_ipip.c
> > ===================================================================
> > --- netipsec/xform_ipip.c (revision 262492)
> > +++ netipsec/xform_ipip.c (working copy)
> > @@ -181,6 +181,7 @@
> > IPIPSTAT_INC(ipips_ipackets);
> >
> > m_copydata(m, 0, 1, &v);
> > + m_clrprotoflags(m);
> >
> > switch (v >> 4) {
> > #ifdef INET
>
>
> That one does not resolve it correctly, i.e. not all ipsec packets are
> captured. Furthermore, the captured packets have both directions, in
> and out (as captured by: allow ip from any to any in, allow ip from
> any to any out)
Did you test with IPsec as transport mode or as tunnel mode ?
--
[REDACTED]
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-bugs
To unsubscribe, send any mail to "[email protected]"
