From owner-freebsd-net@FreeBSD.ORG  Sat Jul 25 13:30:55 2009
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id DCCAE1065672
	for <freebsd-net@freebsd.org>; Sat, 25 Jul 2009 13:30:55 +0000 (UTC)
	(envelope-from vanhu@zeninc.net)
Received: from smtp.zeninc.net (smtp.zeninc.net [80.67.176.25])
	by mx1.freebsd.org (Postfix) with ESMTP id 951028FC19
	for <freebsd-net@freebsd.org>; Sat, 25 Jul 2009 13:30:55 +0000 (UTC)
	(envelope-from vanhu@zeninc.net)
Received: from albator.zen.inc (albator.zen.inc [192.168.1.5])
	by smtp.zeninc.net (smtpd) with ESMTP id 7590A2798B8;
	Sat, 25 Jul 2009 15:30:54 +0200 (CEST)
Received: by albator.zen.inc (Postfix, from userid 1000)
	id AA110731C5; Sat, 25 Jul 2009 15:30:53 +0200 (CEST)
Date: Sat, 25 Jul 2009 15:30:53 +0200
From: VANHULLEBUS Yvan <vanhu@FreeBSD.org>
To: Ingo Flaschberger <if@xip.at>
Message-ID: <20090725133053.GA3042@zeninc.net>
References: <alpine.LFD.1.10.0907232208260.25323@filebunker.xip.at>
	<20090724082915.GA93467@zeninc.net>
	<alpine.LFD.1.10.0907241609180.1395@filebunker.xip.at>
	<alpine.LFD.1.10.0907241752070.1395@filebunker.xip.at>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <alpine.LFD.1.10.0907241752070.1395@filebunker.xip.at>
User-Agent: All mail clients suck. This one just sucks less.
Cc: freebsd-net@freebsd.org
Subject: Re:  natt (again) in 7.2 stable and a forticlient
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 25 Jul 2009 13:30:56 -0000

On Fri, Jul 24, 2009 at 06:10:42PM +0200, Ingo Flaschberger wrote:
> Hi,
>
>> attached a patch for ports-security-ipsec-tools Makefile
>> to disable to offer NATT-IKE-ENCAP.
>
> aii.. bug in the batch, sorry.
>
> attached new patch.

Drafts 05+ should NOT be used, as they use IANA numbers which have
been assigned to other RFCs.

The cleaner change will probably be to enable only RFC support by
default directly in ipsec-tools (for 0.8.0 release), and perhaps to
add some optiond to enable a specific list of drafts to support in
FreeBSD's patch.



Yvan.