Date: Fri, 20 Jan 2006 21:53:33 +0000 From: Brian Candler <B.Candler@pobox.com> To: Alexey Popov <llp@iteranet.com> Cc: freebsd-net@freebsd.org Subject: Re: IPSEC documentation Message-ID: <20060120215333.GA48603@uk.tiscali.com> In-Reply-To: <20051229122549.GA11055@uk.tiscali.com> References: <20051228143817.GA6898@uk.tiscali.com> <001401c60bc0$a3c87e90$1200a8c0@gsicomp.on.ca> <20051228153106.GA7041@uk.tiscali.com> <20051228164339.GB3875@zen.inc> <43B38747.1060906@iteranet.com> <20051229122549.GA11055@uk.tiscali.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> On Thu, Dec 29, 2005 at 09:50:47AM +0300, Alexey Popov wrote: > > If we would also have NAT-T support, FreeBSD would be the best choice > > of VPN concentrator. I just saw this patch posted on the ipsec-tools-devel list: http://ipsec-tools.sf.net/freebsd6-natt.diff It's for FreeBSD 6 but also seems to apply cleanly to 5.4, apart from one file which I think needs this instead: --- ./netinet/in_proto.c.orig Mon Mar 21 16:05:35 2005 +++ ./netinet/in_proto.c Fri Jan 20 21:41:59 2006 @@ -108,7 +108,7 @@ &nousrreqs }, { SOCK_DGRAM, &inetdomain, IPPROTO_UDP, PR_ATOMIC|PR_ADDR, - udp_input, 0, udp_ctlinput, ip_ctloutput, + udp_input, 0, udp_ctlinput, udp_ctloutput, 0, udp_init, 0, 0, 0, &udp_usrreqs Haven't tested it yet - just waiting for kernel to recompile :-) Regards, Brian.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060120215333.GA48603>