cvs commit: src/sbin/ipfw ipfw.8 src/share/man/man4 ipsec.4 src/sys/conf NOTES options src/sys/netinet ip_input.c ip_ipsec.c ip_ipsec.h src/sys/netinet6 ip6_ipsec.c ip6_ipsec.h

Bjoern A. Zeeb bz at
Sun Aug 5 09:16:16 PDT 2007

bz          2007-08-05 16:16:15 UTC

  FreeBSD src repository

  Modified files:
    sbin/ipfw            ipfw.8 
    share/man/man4       ipsec.4 
    sys/conf             NOTES options 
    sys/netinet          ip_input.c ip_ipsec.c ip_ipsec.h 
    sys/netinet6         ip6_ipsec.c ip6_ipsec.h 
  Also rename the related functions in a similar way.
  There are no functional changes.
  For a packet coming in with IPsec tunnel mode, the default is
  to only call into the firewall with the "outer" IP header and
  With this option turned on, in addition to the "outer" parts,
  the "inner" IP header and payload are passed to the
  firewall too when going through ip_input() the second time.
  The option was never only related to a gif(4) tunnel within
  an IPsec tunnel and thus the name was very misleading.
  Discussed at:                   BSDCan 2007
  Best new name suggested by:     rwatson
  Reviewed by:                    rwatson
  Approved by:                    re (bmah)
  Revision  Changes    Path
  1.203     +2 -2      src/sbin/ipfw/ipfw.8
  1.22      +3 -3      src/share/man/man4/ipsec.4
  1.1448    +4 -4      src/sys/conf/NOTES
  1.604     +1 -1      src/sys/conf/options
  1.331     +1 -1      src/sys/netinet/ip_input.c
  1.7       +3 -3      src/sys/netinet/ip_ipsec.c
  1.2       +1 -1      src/sys/netinet/ip_ipsec.h
  1.6       +3 -3      src/sys/netinet6/ip6_ipsec.c
  1.2       +1 -1      src/sys/netinet6/ip6_ipsec.h

More information about the cvs-src mailing list