On 10/4/22 1:53 AM, alfadev wrote:
Hi, i am trying to move my gateway from FreeBSD 11.0 to FreeBSD 14.0 to use
newly added ipfw table lookup for mac addresses
(https://reviews.freebsd.org/D35103)
Also I have too many IPSec connections between fortigate, cisco etc.
And their operators use only 3DES algorithms and they have no intention to
change it for me.
So, now i have to enable 3DES support for FreeBSD 14.0 .
To add 3DES support again i changed some files shown below.
I am not sure what i did any help welcomes.
You do not want to just restore the files as-is. You instead want to revert
some of the
diffs from the first commit. The second commit for /dev/crypto doesn't matter
for IPsec
and you can ignore it.
However, you will need to also partially revert commit
0e00c709d7f1cdaeb584d244df9534bcdd0ac527
which removes DES and 3DES from OCF itself. This is what removed enc_xform_des
for example.
--
John Baldwin
