kern/169620: [ng] [pf] ng_l2tp incoming packet bypass pf firewall

[HASHI Hiroaki ( 橋 宏彰 )]

The following reply was made to PR kern/169620; it has been noted by GNATS.

From: HASHI Hiroaki (=?iso-2022-jp?B?GyRCNjYbKEIgGyRCOSg+NBsoQg==?=)
 <hashiz at meridiani.jp>
To: longwitz at incore.de
Cc: bug-followup at freebsd.org
Subject: Re: kern/169620: [ng] [pf] ng_l2tp incoming packet bypass pf
 firewall
Date: Fri, 03 Aug 2012 12:39:15 +0900 (JST)

 Hi.
 
 In "Re: kern/169620: [ng] [pf] ng_l2tp incoming packet bypass pf firewall" at Thu, 02 Aug 2012 19:20:48 +0900 (JST)
  HASHI Hiroaki <hashiz at meridiani.jp>  wrote:
 > In "Re: kern/169620: [ng] [pf] ng_l2tp incoming packet bypass pf firewall" at Thu, 02 Aug 2012 10:39:20 +0200
 >  Andreas Longwitz <longwitz at incore.de>  wrote:
 >> Hi,
 >>> PF firewall does not examine incomming packet on ng_l2tp interface.
 >> 
 >> If your incoming packets are handled by IPSec before ng_l2tp your
 >> problem is explained in
 > 
 > Yes, handled by IPSec.
 > 
 >> 
 >>    lists.freebsd.org/pipermail/freebsd-net/2012-January/031161.html
 > 
 > I will try it.
 
 This patch work fine for me.