From owner-freebsd-net@FreeBSD.ORG Mon Jul 21 14:13:30 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id ABB53106566B for ; Mon, 21 Jul 2008 14:13:30 +0000 (UTC) (envelope-from vanhu@zeninc.net) Received: from smtp.zeninc.net (smtp.zeninc.net [80.67.176.25]) by mx1.freebsd.org (Postfix) with ESMTP id 5B4688FC17 for ; Mon, 21 Jul 2008 14:13:30 +0000 (UTC) (envelope-from vanhu@zeninc.net) Received: by smtp.zeninc.net (smtpd, from userid 1000) id C636A3F7B; Mon, 21 Jul 2008 16:13:27 +0200 (CEST) Date: Mon, 21 Jul 2008 16:13:27 +0200 From: VANHULLEBUS Yvan To: freebsd-net@freebsd.org Message-ID: <20080721141327.GA24677@zen.inc> References: <20080630040103.94730.qmail@mailgate.gta.com> <486A45AB.2080609@freebsd.org> <487EC62A.3070301@freebsd.org> <20080721083110.GA21786@zen.inc> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20080721083110.GA21786@zen.inc> User-Agent: All mail clients suck. This one just sucks less. Subject: Re: FreeBSD NAT-T patch integration [CFR/CFT] X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 21 Jul 2008 14:13:30 -0000 On Mon, Jul 21, 2008 at 10:31:10AM +0200, VANHULLEBUS Yvan wrote: > On Wed, Jul 16, 2008 at 09:10:18PM -0700, Sam Leffler wrote: > [...] > > Please test/review the following patch against HEAD: > > > > http://people.freebsd.org/~sam/nat_t-20080616.patch > > I have tested the RELENG7 version of the patch, and it works well. > > > But I noticed a misplaced #endif at the beginning of udp_ctloutput(), > which will generate problems if INET6 is not defined: [....] After some more testing, I found another issue: in udp4_espdecap(), when payload <= sizeof(uint64_t) + sizeof(struct esp), packet should not be discarded, but just returned for normal processing. And I also have doubts about a change in udp_ctloutput(), in the switch statement which process optval and searches for an UDP_ENCAP_ESPINUDP* flag. The way you changed it forces a flags cleanup anytime. I don't see why someone would set both UDP_ENCAP_ESPINUDP and UDP_ENCAP_ESPINUDP_NON_IKE, but as I was tracking down a problem, I changed it again to be processed "the old way" to ensure it was not the source of the issue. Sam, did you have a good reason to change that part of the code, or was it mostly to have a more compliant coding style ? Updated patches are available for HEAD, RELENG7 and RELENG63 (yeah :-) here: http://people.freebsd.org/~vanhu/NAT-T/ Please all notice that there is still the word "test" in patches names..... Yvan.