IPSec, nat on enc device
Ermal Luçi
eri at freebsd.org
Mon Oct 19 19:50:47 UTC 2009
On Mon, Oct 19, 2009 at 5:32 PM, Eric Masson <emss.mail at gmail.com> wrote:
> Ermal Luçi <eri at freebsd.org> writes:
>
> Hello Ermal,
>
>> I think you should send this email to ipsec-tool mailing list!
>> Basically the daemon should be modified for this and FreeBSD
>> is not the owner of such code.
>
> I know ;) I'll bug them regarding ${suject} as well (some ipsec-tools
> devs lurk there too)
>
> I'm not sure that pf & ipsec stack already support this feature. Maybe
> bz@ or vanhu@ will shed a light on this point.
>
AFAIK, there is not limitation to allow this in the IPSec stack.
So it is purely a daemon perspective to instrument the stack for this.
--
Ermal
More information about the freebsd-net
mailing list