NATT patch and FreeBSD's setkey

VANHULLEBUS Yvan vanhu at FreeBSD.org
Wed Apr 15 07:09:10 UTC 2009


On Tue, Apr 14, 2009 at 04:24:44PM -0400, Scott Ullrich wrote:
> On Thu, Feb 26, 2009 at 10:11 AM, VANHULLEBUS Yvan <vanhu at freebsd.org> wrote:
> > On Tue, Feb 17, 2009 at 02:41:41PM +0000, Bjoern A. Zeeb wrote:
> [snip]
> >> We have about 3 months left to get that patch in for 8; ideally 6
> >> weeks.  Can you update the nat-t patch in a way as discussed here
> >> before so that the extra address is in etc. and we can move forward?
> >
> > Done, new version is available here:
> > http://people.freebsd.org/~vanhu/NAT-T/experimental/patch-FreeBSD-TRUNK-NATT-pfkey-clean-2009-02-26.diff
> 
> Hello,

Hi.


> We recently tested this patch on a up to date current as of a couple
> hours ago and it seems to break all outgoing UDP traffic (DNS
> included).

There's a conflict between INP_ESPINUDP* and other INP_* commited
since 2009-02-26.


> Has anyone else experienced this issue?  Backing the patch out of our
> pfSense patch roster cleared up the problem.
> 
> Is there a newer patch available by chance?

Actually, not, because there are no bits left in inp_flags, so we are
actually looking for another location to put them.


Yvan.


More information about the freebsd-net mailing list