(review request) ipfw and ipsec processing order for
outgoingpackets
Joost Bekkers
joost at jodocus.org
Mon Nov 29 09:49:57 PST 2004
On Mon, Nov 29, 2004 at 04:04:20PM +0100, Andre Oppermann wrote:
> Joost Bekkers wrote:
> >
> > On Mon, Nov 29, 2004 at 11:14:46AM +0100, Andre Oppermann wrote:
> > > >
> > > > The attached patch is against 5.3R
> > >
> > > Please post unified diffs.
> > >
> >
> > Ok, here you go.
>
> While this way of 'fixing' the IPSEC problem works it is rather gross
> and not very stylish. I prefer not to have this in the tree as makes
> maintainance a lot harder.
>
I totaly agree that it is not pretty. I was trying to avoid duplicating
the code (so every change would have to be made twice) and making it a
function didn't sit right for some reason. Hints/tips for dealing with
this kind of situation are welcome, but maybe better off-list.
> I have some stuff wrt [Fast]IPSEC and your problem in the works and
> it should become ready around christmas time (loadable [Fast]IPSEC, at
> least for IPv4).
>
Looking forward to it.
--
greetz Joost
joost at jodocus.org
More information about the freebsd-net
mailing list