Date: Thu, 6 Nov 2003 21:47:44 +0000 (UTC) From: "Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net> To: freebsd-ipfw@freebsd.org Cc: Hajimu UMEMOTO <ume@mahoroba.org> Subject: HEAD ip_fw2 ipsec b0rked Message-ID: <Pine.BSF.4.53.0311062137160.653@e0-0.zab2.int.zabbadoz.net>
next in thread | raw e-mail | index | archive | help
Hi, 1) when someone fixes the panic: ipsec_gethist: obsolete API in netinet/ip_fw2.c 2) can you please also add the opt_ipsec.h from http://www.freebsd.org/cgi/query-pr.cgi?pr=58899 resp. review this __untested__ patch: --- compile-crisco-20031106-1650/sys/netinet/ip_fw2.c.orig Thu Nov 6 16:58:59 2003 +++ compile-crisco-20031106-1650/sys/netinet/ip_fw2.c Thu Nov 6 21:45:03 2003 @@ -37,6 +37,7 @@ #include "opt_ipdn.h" #include "opt_ipdivert.h" #include "opt_inet.h" +#include "opt_ipsec.h" #ifndef INET #error IPFIREWALL requires INET. #endif /* INET */ @@ -1938,7 +1939,7 @@ PACKET_TAG_IPSEC_IN_DONE, NULL) != NULL); #endif #ifdef IPSEC - match = (ipsec_gethist(m, NULL) != NULL); + match = (ipsec_getnhist(m) != NULL); #endif /* otherwise no match */ break; @@ -2548,7 +2549,9 @@ case O_TCPOPTS: case O_ESTAB: case O_VERREVPATH: +#if defined(IPSEC) || defined(FAST_IPSEC) case O_IPSEC: +#endif if (cmdlen != F_INSN_SIZE(ipfw_insn)) goto bad_size; break; -- Bjoern A. Zeeb bzeeb at Zabbadoz dot NeT 56 69 73 69 74 http://www.zabbadoz.net/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.53.0311062137160.653>