Date: Fri, 03 Jan 2003 11:45:25 +0200 From: Pekka Nikander <pekka.nikander@nomadiclab.com> To: Brooks Davis <brooks@one-eyed-alien.net> Cc: freebsd-net@FreeBSD.ORG Subject: Re: IPsec / ipfw interaction in 4.7-STABLE: a proposed change Message-ID: <3E155BB5.4000706@nomadiclab.com> In-Reply-To: <20030102122941.A27618@Odin.AC.HMC.Edu> References: <3E144753.7020905@nomadiclab.com> <86k7hnz4hp.fsf@notbsdems.nantes.kisoft-services.com> <20030102122941.A27618@Odin.AC.HMC.Edu>
next in thread | previous in thread | raw e-mail | index | archive | help
Brooks Davis wrote: > loif[] is evil and its use should not be extended. In any case, NLOOP > no longer exists in current since loopback interfaces are clonable. If > you didn't want to adopt OpenBSD's enc interface, an alternate solution > might be to set up an ioctl to allow you to register the interface you > want to have these packets come from. OpenBSD enc sounds like the right choice, but I'm a bit worried about the amount of work involved in porting it. Handling incoming packets seems to be easy enough, but implementing the possibility of snooping outgoing packets may not be that easy... Now, out of curiosity, why do you consider loif[] evil? --Pekka Nikander To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3E155BB5.4000706>