On Thu, 11 May 2000, Matthew Dillon wrote:
> I had to fix up /etc/rc.network a little to load the ipsec rules
> at the appropriate point (just after the interface and ipfw setup,
> but before any services (like NFS) are run). I am going to put the
> (relatively simple) patch for rc.network up for a quick review and
> then commit it along with an example file and a reference to the
> example file in the man page.
Please submit this to the KAME folks ([EMAIL PROTECTED]) as well so we
can keep in sync. I'm in the process of merging the latest KAME snapshot
into 5.0 with the aim of trying to update our IPv6/IPSec support
(Currently our IPSec code dates to November 1999), so keeping the two
codebases in sync as much as possible will help my job - I don't want the
FreeBSD IPv6/IPsec code to get ahead of the KAME code, or I'm likely to
miss the change locally and blow it away.
I'm not sure whether or not the problem you had was a bug - again, you'd
be best off speaking to the KAME guys directly (although given the age of
our ipsec code I don't know how much they'd be able to help)
Kris
----
In God we Trust -- all others must submit an X.509 certificate.
-- Charles Forsythe <[EMAIL PROTECTED]>
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
