From owner-freebsd-net@FreeBSD.ORG  Fri Dec 12 17:55:02 2008
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 46B991065676
	for <freebsd-net@freebsd.org>; Fri, 12 Dec 2008 17:55:02 +0000 (UTC)
	(envelope-from vanhu@zeninc.net)
Received: from smtp.zeninc.net (smtp.zeninc.net [80.67.176.25])
	by mx1.freebsd.org (Postfix) with ESMTP id 04DAD8FC19
	for <freebsd-net@freebsd.org>; Fri, 12 Dec 2008 17:55:02 +0000 (UTC)
	(envelope-from vanhu@zeninc.net)
Received: from albator.zen.inc (albator.zen.inc [192.168.1.5])
	by smtp.zeninc.net (smtpd) with ESMTP id 399302798B8
	for <freebsd-net@freebsd.org>; Fri, 12 Dec 2008 18:55:01 +0100 (CET)
Received: by albator.zen.inc (Postfix, from userid 1000)
	id 2BD267343B; Fri, 12 Dec 2008 18:55:01 +0100 (CET)
Date: Fri, 12 Dec 2008 18:55:01 +0100
From: VANHULLEBUS Yvan <vanhu@FreeBSD.org>
To: freebsd-net@freebsd.org
Message-ID: <20081212175500.GA2573@zeninc.net>
References: <20081211122828.CF3958FC16@mx1.freebsd.org>
	<20081211123958.GA5332@zeninc.net>
	<200812121845.20262.artem@aws-net.org.ua>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <200812121845.20262.artem@aws-net.org.ua>
User-Agent: All mail clients suck. This one just sucks less.
Subject: Re:  NAT-T + ipsec integration
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 12 Dec 2008 17:55:02 -0000

On Fri, Dec 12, 2008 at 06:45:20PM +0200, Artyom Viklenko wrote:
> On Thursday 11 December 2008 14:39:58 VANHULLEBUS Yvan wrote:
[....]
> > Actually, you can apply a patch to src/sys and recompile your kernel
> > with IPSEC_NAT_T options.
> > Patches are available here:
> > http://people.freebsd.org/~vanhu/NAT-T/
> 
> And what about patches for 6.4-RELEASE?

I just not tested on 6.4 (almost all my devices moved to 7.x, and the
remaining ones will stay in 6.3 for various reasons), but 6.3 patch
should work on 6.4 if it compiles cleanly (I did NOT check every
single kernel change between 6.3 and 6.4).

If people can test it and see some compile/runtime problems, please
report them, I'll try to fix them.



Yvan.