cvs commit: doc/en_US.ISO8859-1/books/handbook/security chapter.sgml

Tom Rhodes trhodes at FreeBSD.org
Mon Jun 26 13:13:42 UTC 2006


On Mon, 26 Jun 2006 13:06:22 +0000 (UTC)
Giorgos Keramidas <keramida at FreeBSD.org> wrote:

> keramida    2006-06-26 13:06:22 UTC
> 
>   FreeBSD doc repository
> 
>   Modified files:
>     en_US.ISO8859-1/books/handbook/security chapter.sgml 
>   Log:
>   When IPSEC is configured according to the Handbook[1], pf fails
>   to track connection state properly, because it does not see
>   packets coming from the tunneled interface to gif(4).  Rebuilding
>   with IPSEC_FILTERGIF fixes the problem.
>   
>   According to mlaier@ we cannot change GENERIC for this, but it's
>   ok to document the requirement for IPSEC_FILTERGIF.  Add a note
>   to this effect.

Not to disagree with Max, but I always looked through NOTES
for information.  Perhaps a note could be added there?

-- 
Tom Rhodes


More information about the cvs-doc mailing list