On Tue, Nov 19, 2002 at 10:56:25AM -0800, Archie Cobbs wrote:
> Guido van Rooij wrote:
> > > The problem is that while ESP packets arrive to be processed by
> > > IPsec just fine thru my ipfw rules, when the packets are de-encrypted
> > > and re-inserted into the kernel they appear to ipfw to be
I need the divert rule for NATD.
-Scott
-Original Message-
From: Guido van Rooij [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, November 19, 2002 2:24 PM
To: Scott Ullrich
Cc: David Kelly; 'Archie Cobbs'; '[EMAIL PROTECTED]';
[EMAIL PROTECTED]
Subject: Re: IPsec packets seen on wrong interfac
Bob Johnson wrote:
>
> On Saturday 16 November 2002 08:19 pm, Lefteris Tsintjelis wrote:
> > It sure is misleading. Why is it called -stable then? You would expect
> > to stand up to its name.
>
> It is called -stable because once upon a time it was intended to
> BE stable. Commits to -stable we
On Tue, Nov 19, 2002 at 02:08:54PM -0500, Scott Ullrich wrote:
> Guido,
>
> I am using a tunneling device (gif0).
>
> How are we supposed to fix the issue with your patch installed? If we need
> to add more rules, that's fine but what would these rules be? Are they
> before the divert? After
Guido van Rooij wrote:
> > The problem is that while ESP packets arrive to be processed by
> > IPsec just fine thru my ipfw rules, when the packets are de-encrypted
> > and re-inserted into the kernel they appear to ipfw to be coming from
> > my external interface (the one they arrived on via ES
Guido,
I am using a tunneling device (gif0).
How are we supposed to fix the issue with your patch installed? If we need
to add more rules, that's fine but what would these rules be? Are they
before the divert? After the divert, etc?
Is there a bug in ipfw? Either way, these changes should b
On Tue, Nov 19, 2002 at 04:24:56PM +0100, Patrick M. Hausen wrote:
> Hello!
>
> Guido wrote:
>
> > > The problem is that while ESP packets arrive to be processed by
> > > IPsec just fine thru my ipfw rules, when the packets are de-encrypted
> > > and re-inserted into the kernel they appear to i
On Tue, Nov 19, 2002 at 10:11:29AM -0600, David Kelly wrote:
>
> Once the ipsec history is removed from the packet then how/what/where is
> the packet tagged as having come from? In my case it appears to have
It is tagged as any other packet.
> retained properties of the ESP packet it was encase
Jonathan Chen wrote:
>
> On Mon, Nov 18, 2002 at 03:12:25PM -0800, Mike Hoskins wrote:
> > On Mon, 18 Nov 2002, Sameer R. Manek wrote:
>
> [..]
> > > The definition of what is -stable has been relaxed in the past 2 years. If
> > > you look at the handbook from 2 years ago, you will see this is wh
On Tue, Nov 19, 2002 at 09:06:36AM -0500, Dan Pelleg wrote:
>
> I'd like to propose a framework alternative to rc.firewall.
Who need rc.firewall when firewall (IPFW2) in last release (FreeBSD 4.7)
don't work properly ?
--
Vladislav V. Zhuk (06267)3-60-03 [EMAIL PROTECTED] 2:[EMAIL PROTECTED]
T
On Mon, 18 Nov 2002 14:39:56 -, [EMAIL PROTECTED] (Willy
Offermans) wrote:
>I have bought a nice laptop computer (Gericom Masterpiece 25340 XL).
>It has an ethernet card inside, based on SiS 900 chip.
>During boot, FreeBSD can detect the card, but cannot assign an MAC
>address, nor initializin
To help clarify gif is no longer suspect I have changed the subject.
On Tue, Nov 19, 2002 at 04:08:26PM +0100, Guido van Rooij wrote:
> On Tue, Nov 19, 2002 at 07:54:29AM -0600, David Kelly wrote:
> >
> > The problem is that while ESP packets arrive to be processed by
> > IPsec just fine thru my
Hello!
Guido wrote:
> > The problem is that while ESP packets arrive to be processed by
> > IPsec just fine thru my ipfw rules, when the packets are de-encrypted
> > and re-inserted into the kernel they appear to ipfw to be coming from
> > my external interface (the one they arrived on via ESP
13 matches
Mail list logo